import requests
import base64
import json
# Configuration
baseUrl = "https://localhost:8443"
username = "---USERNAME---"
password = "---PASSWORD---"
# Login & get JWT token
headers = {
"Authorization":
"Basic " +
base64
.b64encode(
(username + ":" + password)
.encode('utf-8')
)
.decode('utf-8')
}
response = requests.request("POST", "%s/api/v1/auth/login" % baseUrl, headers=headers, verify=False)
if response.status_code != 200:
print("Login failed")
exit()
authToken = response.text
headers = {"Authorization": "Bearer " + authToken}
# Create listener out of shelldot.listener.agent-reverse-http plugin on port 8089
conf = {
"plugin": "shelldot.listener.agent-reverse-http", # ID of the plugin
"configuration": { # Configuration provided to the listener
"port": 8089,
"httpCallbacks": [
{
"hosts": [
"localhost",
"127.0.0.1"
],
"hostsRotation": {
"type": "FAILOVER",
"counter": 1,
"unit": "TRIES"
},
"sleep": 30000,
"sleepRandom": 10000,
"hostHeaders": [
"localhost",
"127.0.0.1"
],
"hostHeaderRotation": {
"type": "FAILOVER",
"counter": 3,
"unit": "TRIES"
}
}
],
"getURI": "/",
"postURI": "/",
"stagedURI": "/payload",
"stagedURIlistenerId": "listener",
"stagedURItype": "type",
"fileStorageURI": "/files/",
"metadataCookieName": "PHPSESSID",
"metadataPrefix": "",
"metadataSuffix": "",
"secure": 0,
"startTime": 1697997673.8440146,
"sleep": 30000,
"sleepRandom": 10000,
}
}
response = requests.post("%s/api/v1/listeners" % baseUrl, headers=headers, json=conf, verify=False)
if response.status_code != 200:
print("Creating listener failed")
print(response.text)
exit()
print("Listener created")
print(response.text)