f4d3

f4d3

InfoSec enthusiast | pwn | RE | CTF | BugBounty

Simple Telegram Notificator 🎯 !

Shout it Out (Simple Telegram Notificator maker 🎯 !)

Hi everyone!

Here I brought to you a tiny tool that I made to create notifications on the fly via telegram bot api, which helps you to make scripts and notify out some events.
For example, I use this tool to manage my own collaborator, which will shout out the DNS hits made to my collab.
Normally I use this to clear the checklist: (DNS interaction HIT, SSRF, bXSS, etc).

Very useful (at least for me) for bug bounties and CTF’s :D

Installation

  • Clone the repo
  • Make the program executable
  • (optional) Make a symlink to one of your inPATH folder.
  • Make the config file for the program.
  • Run it
cd /opt
git clone https://github.com/jcatala/shout-it-out
cd shout-it-out
pip3 install -r requeriments.txt --user
# optional
chmod 755 main.py
ln -s /opt/shout-it-out/main.py /usr/local/bin/sio-notification.py

Config file

The config file will be placed on our home directory with the name of .sio.conf. With the following format:

[DEFAULT]
apikey = YOUR API KEY(the wich one that both father gives you)
  • You can have a saved_chat_id on your config file too, this is optional, if the program fails at fetching a new chat_id (which is normal when there’s no interaction for a while with the bot chat), the program will fetch the chat_id from the config file. But, if one fetching is correctly made, the program will automaticaly update this on the config file.

how2use

➜  ~ sio-notification.py -h
usage: sio-notification.py [-h] [-c CONFIG] [-i INFILE] [-v] [-F FILTER] [-f] [-m]

Simple Shout-it-out telegram notificator

optional arguments:
  -h, --help            show this help message and exit
  -c CONFIG, --config CONFIG
                        Full path to config file (default is ~/.sio.conf
  -i INFILE, --infile INFILE
                        Send a text file (default is stdin)
  -v, --verbose         Turn on the verbose mode
  -F FILTER, --filter FILTER
                        Add a filter before sending the message (string: default: None)
  -f, --follow          Send one line at a time
  -m, --markdown        Force markdown on the entire message, if is not, do it by yourself adding backquotes

  • NOTE: The default format of the message is MARKDOWN, if you use the -m option, the backquotes are automatically added, if not, you need to handle it by yourself.

Example use case

  • To make simple command line notification
Example use case

Example out of band DNS check

  • I have the bot running on DNS hits on my collab, the following command will do the work:
tail -n 0 -f /var/log/named/query.log  | grep --line-buffered "your-desire-domain.com" | sio-notification.py -v -f -m

NOTE

  • The python stdin is a little tricky with some buffered inputs, so we need that grep flush once per line, the --line-buffered will do the work.
  • I dont recommend to grep over your main domain, because sometimes, scanners/chineses will fukk your bot up 😶

Question / Support

Any question/suggestion, please, contact me via twitter 👀

If you take a while to test this… thank you very much !