forked from R3dFruitRollUp/Aggressor-VYSEC
-
Notifications
You must be signed in to change notification settings - Fork 1
/
pushover-ng.cna
118 lines (86 loc) · 3.48 KB
/
pushover-ng.cna
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
# This script adds basic pushover functionality to Cobalt Strike
# Edit the API keys
# Original script by @Und3rf10w
# Modded by @vysecurity
# Integrated with Aggressor based HTTP calls by @vysecurity
import java.net.URLEncoder;
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
sub sendhttp{
$method = $1;
$url = $2;
$body = $3 . "\r\n";
$USER_AGENT = "Mozilla/5.0";
$urlobj = [new URL: $url];
$con = [$urlobj openConnection];
[$con setRequestMethod: $method];
[$con setRequestProperty: "User-Agent", $USER_AGENT];
[$con setDoOutput: true];
$wr = [new DataOutputStream: [$con getOutputStream]];
[$wr writeBytes: $body];
[$wr flush];
[$wr close];
$responseCode = [$con getResponseCode];
$in = [new BufferedReader: [new InputStreamReader: [$con getInputStream]]];
$inputLine = "";
$response = "";
$inputLine = [$in readLine];
$response = $response . $inputLine . "\r\n";
while ($inputLine ne ""){
$inputLine = [$in readLine];
$response = $response . $inputLine . "\r\n";
}
[$in close];
return $response;
}
on ready {
elog("Pushover notifications are now configured");
}
#on event_notify {
# $time = formatDate($2, "yyyy.MM.dd 'at' HH:mm:ss z");
# pushover("CS:System_Event","$time $+ : $1");
#}
on event_join {
$time = formatDate($2, "yyyy.MM.dd 'at' HH:mm:ss z");
pushover("CS:User_Joined","$time $+ : $1 has joined");
}
on event_action {
$time = formatDate($2, "yyyy.MM.dd 'at' HH:mm:ss z");
pushover("CS:Action_Performed","$time $+ : < $+ $3 $+ >: $1 ");
}
on event_public {
$time = formatDate($3, "yyyy.MM.dd 'at' HH:mm:ss z");
pushover("CS:New_Message","$time $+ : < $+ $1 $+ >: $2 ");
}
on event_quit {
$time = formatDate($2, "yyyy.MM.dd 'at' HH:mm:ss z");
pushover("CS:User_Left","$time $+ : $1 has quit");
}
on beacon_initial {
if (-isadmin $1){
pushover("CS:New_Beacon","New Beacon Received - ID: $1 | User: " . binfo($1, "user") . " | Hostname: " . binfo($1, "computer") . " | PID: " . binfo($1,"pid") . " | HOST: " . binfo($1,"host") . " | ADMIN BEACON");
$elog = "New Beacon Received - ID: $1 | User: " . binfo($1, "user") . " | Hostname: " . binfo($1, "computer") . " | PID: " . binfo($1,"pid") . " | HOST: " . binfo($1,"host") . " | ADMIN BEACON";
}
else {
pushover("CS:New_Beacon","New Beacon Received - ID: $1 | User: " . binfo($1, "user") . " | Hostname: " . binfo($1, "computer") . " | PID: " . binfo($1,"pid") . " | HOST: " . binfo($1,"host"));
$elog = "New Beacon Received - ID: $1 | User: " . binfo($1, "user") . " | Hostname: " . binfo($1, "computer") . " | PID: " . binfo($1,"pid") . " | HOST: " . binfo($1,"host");
}
elog("\x039".$elog);
}
on ssh_initial {
pushover("CS:New_SSH", "New SSH Session Received - ID: $1 | Hostname " . binfo($1, "computer"));
}
on profiler_hit {
pushover("CS:Profiler_Hit","Profiler Hit Received - External: $1 | Internal: $2 | UA: $3 | Email: " . tokenToEmail($5));
}
sub pushover {
$token = "TOKEN";
$user = "USER";
$title = $1;
$message = $2;
$body = "token=" . $token . "&user=" . $user . "&title=" . $title . "&message=" . $message;
sendhttp("POST", "https://api.pushover.net/1/messages.json", $body);
}