I'd like to know if this agent supports domain fronting. When configuring the C2 http profile during Apollo payload generation, I've set the following configuration values:
Callback host - https://somethingrandom.microsoft.com
HTTP Header - "Host": "somethingrandom.azureedge.net"
I get a callback when I execute the payload but when I check in Wireshark (Client Hello packet) the agent connects to "somethingrandom.azureedge.net" instead of "somethingrandom.microsoft.com".
Please let me know if I'm missing something. I've tested that the Domain Fronting works fine but I can't seem to get it working with Apollo.
pr0b3r7
commented
11 months ago
Hi,
I'd like to know if this agent supports domain fronting. When configuring the C2 http profile during Apollo payload generation, I've set the following configuration values: Callback host - https://somethingrandom.microsoft.com HTTP Header - "Host": "somethingrandom.azureedge.net"
I get a callback when I execute the payload but when I check in Wireshark (Client Hello packet) the agent connects to "somethingrandom.azureedge.net" instead of "somethingrandom.microsoft.com".
Please let me know if I'm missing something. I've tested that the Domain Fronting works fine but I can't seem to get it working with Apollo.
Mythic v2.3.9 UI v0.0.52 Apollo: 2.2.0