djhohnstein
commented
2 years ago I'm not sure I understand the question. The IP that's displayed in the UI is the one retrieved from the host, not the one you specify in the C2 profile.
Closed P-T001 closed 2 years ago
djhohnstein
commented
2 years ago I'm not sure I understand the question. The IP that's displayed in the UI is the one retrieved from the host, not the one you specify in the C2 profile.
P-T001
commented
2 years ago The normal IP address of the target host is not "169.254.190.230", which appears only when there is no network
In the web callback, the IP displayed by the target host (Windows) is "169.254.190.230". Normally, shouldn't it be the IP on the target host?
So I was wondering if it was the reason why I chose fewer commands
djhohnstein
commented
2 years ago I'm guessing it's a result from this line here:
The number of commands specified won't change that. I could return all IPs, but Mythic doesn't know how to choose the "best" IP for display. I'm gonna close this issue for now.
hi,
The Apollo agent goes online to obtain the IP display 169.254.190.230, but it does not affect the execution of the command.
Use test environment: server system: kali-linux-2020.2-amd64 (192.168.23.130) agent system :windows (win10 x64) (192.168.23.140)
Use Apollo's payload build settings : payload:Apollo c2profiles:http Callback Host:http://192.168.23.130 Callback Port:80 Choose a target .NET Framework:4.0 Target architecture:x64 Output as shellcode, executable, or dynamically loaded library.:WinExe Build a payload with or without debugging symbols.:Release Selected OS:Windows Selected command:powershell、upload、download ........