-
Notifications
You must be signed in to change notification settings - Fork 4
/
dnsrecon.php
61 lines (60 loc) · 2.04 KB
/
dnsrecon.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
<?php
/***********************************************************************************************
*
* REQUIREMENTS
* A custom slash command on a Slack team
* A web server running PHP5 with cURL enabled and NMap 7.
* USAGE
* Place this script on a server running PHP5 with cURL.
* Set up a new custom slash command on your Slack team:
* http://*.slack.com/services/new/slash-commands
* Under "Choose a command", enter whatever you want for
* the command. /dns is easy to remember.
* Under "URL", enter the URL for the script on your server.
* Leave "Method" set to "Post".
* Decide whether you want this command to show in the
* autocomplete list for slash commands.
* If you do, enter a short description and usage hint.
*
* Co-author: reedphish
*
* Reedphish contact information:
* reedphish@outlook.com>, github.com/reedphish, reedphish.wordpress.com, twitter.com/reedphish
***********************************************************************************************/
/**
* Master token, replace this with the token from your slash command configuration page
*/
$mastertoken = "GETFROMSLACK";
/**
* Processing POST request
*/
if(isset($_POST["command"]) && isset($_POST["token"]) && isset($_POST['text'])) {
// Grab some of the values from the slash command, create vars for post back to Slack
$command = $_POST['command'];
$token = $_POST['token'];
$text = $_POST['text'];
// Check the token and make sure the request is from our team
if($token != $mastertoken) {
die("The token for the slash command doesn't match. Check your script.");
}
$user_agent = "Slack/1.0";
if(isvalid($text)) {
$cmd = "python dnsrecon/dnsrecon.py -d {$text}";
$proc = popen($cmd, 'r');
while (!feof($proc))
{
echo fread($proc, 4096);
@ flush();
}
} else {
die("Address is not legal");
}
} else {
die("Failure processing request. Please check required parameters and transport verb.");
}
/**
* Check if string contains illegal characters
*/
function isValid(string $content) {
return preg_match('/^[a-zA-Z0-9\.]*$/', $content);
}