Skip to content

Add HTTP listener

import requests
import base64
import json

# Configuration
baseUrl = "https://localhost:8443"
username = "---USERNAME---"
password = "---PASSWORD---"

# Login & get JWT token
headers = {
    "Authorization":
        "Basic " +
        base64
        .b64encode(
            (username + ":" + password)
            .encode('utf-8')
        )
        .decode('utf-8')
}

response = requests.request("POST", "%s/api/v1/auth/login" % baseUrl, headers=headers, verify=False)
if response.status_code != 200:
    print("Login failed")
    exit()

authToken = response.text
headers = {"Authorization": "Bearer " + authToken}

# Create listener out of shelldot.listener.agent-reverse-http plugin on port 8089
conf = {
    "plugin": "shelldot.listener.agent-reverse-http", # ID of the plugin
    "configuration": {  # Configuration provided to the listener
        "port": 8089,
        "httpCallbacks": [
            {
                "hosts": [
                    "localhost",
                    "127.0.0.1"
                ],
                "hostsRotation": {
                    "type": "FAILOVER",
                    "counter": 1,
                    "unit": "TRIES"
                },
                "sleep": 30000,
                "sleepRandom": 10000,
                "hostHeaders": [
                    "localhost",
                    "127.0.0.1"
                ],
                "hostHeaderRotation": {
                    "type": "FAILOVER",
                    "counter": 3,
                    "unit": "TRIES"
                }
            }
        ],
        "getURI": "/",
        "postURI": "/",
        "stagedURI": "/payload",
        "stagedURIlistenerId": "listener",
        "stagedURItype": "type",
        "fileStorageURI": "/files/",
        "metadataCookieName": "PHPSESSID",
        "metadataPrefix": "",
        "metadataSuffix": "",
        "secure": 0,
        "startTime": 1697997673.8440146,
        "sleep": 30000,
        "sleepRandom": 10000,
    }
}

response = requests.post("%s/api/v1/listeners" % baseUrl, headers=headers, json=conf, verify=False)
if response.status_code != 200:
    print("Creating listener failed")
    print(response.text)
    exit()

print("Listener created")
print(response.text)