[QUESTION] Connexion AWS server

enkomio / AlanFramework

A C2 post-exploitation framework

Other

461 stars 72 forks source link

[QUESTION] Connexion AWS server #4

Closed piedacoulisse2 closed 2 years ago

piedacoulisse2 commented 2 years ago

Hello,

I have a question about the C2. Why is there a connexion to the web server AWS 34.252.108.5 in the app ?

Best regards;

Piedacoulisse

enkomio commented 2 years ago

Hi,

the connection to that IP is necessary to obtain the public Alan server IP address. This information is handy during the creation of an agent (you have to specify a public IP address in order for the agent to connect to the server). More information on this aspect are provided in the guide (https://github.com/enkomio/AlanFramework/blob/main/doc/Alan%20Documentation%20-%20v7.0.514.10.pdf) on page 7.

piedacoulisse2 commented 2 years ago

Ok thank for the response.

piedacoulisse2 commented 2 years ago

You can also use to obtain the public ip with http://api.ipify.org insteed of AWS server.

enkomio commented 2 years ago

yep. I might considering, for the next release, to use more than one URL to obtain the public IP, or give the possibility to disable the IP resolution at all.