From ae07716636fa4217d0c38e857329cecc5789ce1e Mon Sep 17 00:00:00 2001 From: xxcdd <42600601+xxcdd@users.noreply.github.com> Date: Sat, 6 Jan 2024 14:58:20 +0800 Subject: [PATCH 1/3] Add web hook report --- pocsuite3/lib/core/option.py | 8 ++++ pocsuite3/lib/core/settings.py | 7 +++- pocsuite3/lib/parse/cmd.py | 6 +++ pocsuite3/plugins/web_hook.py | 69 ++++++++++++++++++++++++++++++++++ 4 files changed, 89 insertions(+), 1 deletion(-) create mode 100644 pocsuite3/plugins/web_hook.py diff --git a/pocsuite3/lib/core/option.py b/pocsuite3/lib/core/option.py index b10dc9f2..2ff8338d 100644 --- a/pocsuite3/lib/core/option.py +++ b/pocsuite3/lib/core/option.py @@ -467,6 +467,9 @@ def _cleanup_options(): if conf.output_path and 'file_record' not in conf.plugins: conf.plugins.append('file_record') + if (conf.dingtalk_token and conf.dingtalk_secret) or conf.wx_work_key: + if 'web_hook' not in conf.plugins: + conf.plugins.append('web_hook') if conf.connect_back_port: conf.connect_back_port = int(conf.connect_back_port) @@ -606,6 +609,11 @@ def _set_conf_attributes(): conf.docker_volume = list() conf.docker_only = False + # web hook + conf.dingtalk_token = "" + conf.dingtalk_secret = "" + conf.wx_work_key = "" + def _set_kb_attributes(flush_all=True): """ diff --git a/pocsuite3/lib/core/settings.py b/pocsuite3/lib/core/settings.py index 80402f60..b9d8aafa 100644 --- a/pocsuite3/lib/core/settings.py +++ b/pocsuite3/lib/core/settings.py @@ -189,5 +189,10 @@ "mode", "api", "connect_back_host", - "connect_back_port" + "connect_back_port", + + # web hook + "dingtalk-token", + "dingtalk-secret", + "wx-work-key" ] diff --git a/pocsuite3/lib/parse/cmd.py b/pocsuite3/lib/parse/cmd.py index 82c47f48..d22f95fc 100644 --- a/pocsuite3/lib/parse/cmd.py +++ b/pocsuite3/lib/parse/cmd.py 
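Review bot: In the `_cleanup_options` hunk of option.py, `web_hook` is enabled only when both `conf.dingtalk_token` and `conf.dingtalk_secret` are set, so a user who supplies just one of them gets no notification and no hint why. A warning for the half-configured case would make this visible, e.g. `if bool(conf.dingtalk_token) != bool(conf.dingtalk_secret): logger.warning("dingtalk web hook needs both --dingtalk-token and --dingtalk-secret")`, assuming a logger is in scope in option.py (not visible here). `_cleanup_options` begins and ends outside the hunk.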
@@ -168,6 +168,12 @@ def cmd_line_parser(argv=None): docker_environment.add_argument("--docker-only", dest="docker_only", action="store_true", default=False, help="Only run docker environment") + # web hook options + web_hook = parser.add_argument_group('Web Hook', "Web Hook Options") + web_hook.add_argument("--dingtalk-token", dest="dingtalk_token", help="Dingtalk access token") + web_hook.add_argument("--dingtalk-secret", dest="dingtalk_secret", help="Dingtalk secret") + web_hook.add_argument("--wx-work-key", dest="wx_work_key", help="Weixin Work key") + # Diy options diy = parser.add_argument_group("Poc options", "definition options for PoC") diy.add_argument("--options", dest="show_options", action="store_true", default=False, diff --git a/pocsuite3/plugins/web_hook.py b/pocsuite3/plugins/web_hook.py new file mode 100644 index 00000000..1ccd90be --- /dev/null +++ b/pocsuite3/plugins/web_hook.py 
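Review bot: `--dingtalk-token`, `--dingtalk-secret` and `--wx-work-key` take webhook credentials as command-line values, which leaves them in shell history and visible to other local users through the process list. The settings.py hunk of this patch adds the same three names to what looks like the config-file option list, so if that path works the help strings should steer users to it, e.g. `help="Dingtalk secret (prefer the config file; argv is visible in process listings)"`. `cmd_line_parser` continues outside the hunk.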
@@ -0,0 +1,69 @@
+import hmac
+import hashlib
+import base64
+import urllib.parse
+import requests
+import time
+
+from pocsuite3.api import PLUGIN_TYPE, get_results
+from pocsuite3.api import PluginBase
+from pocsuite3.api import logger
+from pocsuite3.api import register_plugin, conf
+
+
+def dingding_send(msg, access_token, secret, msgtype="markdown", title="pocsuite3消息推送"):
+ ding_url = "https://oapi.dingtalk.com/robot/send?access_token={}".format(access_token)
+ timestamp = str(round(time.time() * 1000))
+ secret_enc = secret.encode('utf-8')
+ string_to_sign = '{}\n{}'.format(timestamp, secret)
+ string_to_sign_enc = string_to_sign.encode('utf-8')
+ hmac_code = hmac.new(secret_enc, string_to_sign_enc, digestmod=hashlib.sha256).digest()
+ sign = urllib.parse.quote_plus(base64.b64encode(hmac_code))
+ param = "×tamp={}&sign={}".format(timestamp, sign)
+ ding_url = ding_url + param
+ send_json = {
+ "msgtype": msgtype,
+ "markdown": {
+ "title": title,
+ "text": "# pocsuite3消息推送\n\n" + msg
+ }
+ }
+ requests.post(ding_url, json=send_json)
+
+
+def wx_work_send(msg, key):
+ webhook_url = "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=" + key
+ send_data = {
+ "msgtype": "markdown",
+ "markdown": {
+ "content": "# pocsuite3消息推送\n\n" + msg
+ }
+ }
+ requests.post(webhook_url, json=send_data)
+
+
+def web_hook_send(msg):
+ if conf.dingtalk_token and conf.dingtalk_secret:
+ dingding_send(msg, conf.dingtalk_token, conf.dingtalk_secret)
+ if conf.wx_work_key:
+ wx_work_send(msg, conf.wx_work_key)
+
+
+class WebHook(PluginBase):
+ category = PLUGIN_TYPE.RESULTS
+
+ def init(self):
+ debug_msg = "[PLUGIN] web hook plugin init..."
+ logger.debug(debug_msg)
+
+ def start(self):
+ push_info = ""
+ for result in get_results():
+ if result.status == "success":
+ poc_name = result.get("poc_name")
+ target = result.get("target")
+ push_info += "- {} found vuln: {}".format(target, poc_name)
+ web_hook_send(push_info)
+
+
+register_plugin(WebHook)
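Review bot: Both `requests.post` calls in `dingding_send` and `wx_work_send` run with no timeout and no exception handling, so an unreachable webhook can stall the run, and an exception propagates out of `WebHook.start` with a message that includes the URL carrying the access token or key. Routing both calls through one helper that sets a timeout, catches `requests.RequestException` and logs only the hook name and exception type keeps those credentials out of logs and tracebacks. In `WebHook.start` the entries are concatenated without a newline, so several findings collapse into one markdown bullet, and a message is pushed even when no result succeeded; collecting the lines and joining them with `\n` fixes both. `dingding_send` also accepts `msgtype` but hard-codes the payload key as `"markdown"`, so any other value would produce a body that does not match its declared type.

```python
def _post_hook(name, url, payload):
    # The URL query string carries the token/key: log the hook name and exception type only.
    try:
        resp = requests.post(url, json=payload, timeout=10)
        resp.raise_for_status()
    except requests.RequestException as e:
        logger.warning("[PLUGIN] web hook push to {} failed: {}".format(name, type(e).__name__))

# … unchanged: dingding_send / wx_work_send build their URL and payload, then call _post_hook …

    def start(self):
        lines = []
        for result in get_results():
            if result.status == "success":
                lines.append("- {} found vuln: {}".format(result.get("target"), result.get("poc_name")))
        if lines:
            web_hook_send("\n".join(lines))
```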
From 0f493a31750832bc6d884b776e13374f42d56707 Mon Sep 17 00:00:00 2001 From: xxcdd <42600601+xxcdd@users.noreply.github.com> Date: Sat, 6 Jan 2024 15:05:37 +0800 Subject: [PATCH 2/3] Update settings.py --- pocsuite3/lib/core/settings.py | 1 + 1 file changed, 1 insertion(+) diff --git a/pocsuite3/lib/core/settings.py b/pocsuite3/lib/core/settings.py index c6d92d55..1524139c 100644 --- a/pocsuite3/lib/core/settings.py +++ b/pocsuite3/lib/core/settings.py @@ -198,3 +198,4 @@ "dingtalk-token", "dingtalk-secret", "wx-work-key" +] From 95d08fbd9f844989fbdac39fd8c7a7553299c72a Mon Sep 17 00:00:00 2001 From: xxcdd <42600601+xxcdd@users.noreply.github.com> Date: Sat, 6 Jan 2024 15:09:21 +0800 Subject: [PATCH 3/3] Update settings.py FIX: > ./pocsuite3/lib/core/settings.py:196:1: W293 blank line contains whitespace --- pocsuite3/lib/core/settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pocsuite3/lib/core/settings.py b/pocsuite3/lib/core/settings.py index 1524139c..ccd3c25b 100644 --- a/pocsuite3/lib/core/settings.py +++ b/pocsuite3/lib/core/settings.py @@ -193,7 +193,7 @@ "requests-session-reuse", "requests-session-reuse-num", - + # web hook "dingtalk-token", "dingtalk-secret",