WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropriately respond to client-issued requests.

Overview

WILSON Cloud Respwnder

Twitter Follow

What is this?

WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications (WILSON) with the ability to serve custom content in order to appropriately respond to the client issuing the request. It is probably most useful to security testers and bug bounty hunters.

When exploiting bugs that interact with an external server (e.g. SSRF or some XSS), it is sometimes useful to serve custom content on specific paths on the remote server. With WILSON Cloud Respwnder you can setup a fully functional PHP web server with transparent logging of all incoming DNS and HTTP requests to a Slack or Discord channel.

Features

  • Monitor DNS and HTTP requests in real-time without time window constraints. Continue receiving notifications for weeks or months on end to find more bugs;
  • Send notifications to Slack and/or Discord webhooks;
  • View the complete HTTP requests in your logs, including POST bodies;
  • By default resolves every subdomain.yourdomain.com to the same web server, allowing you to choose meaningful names that are easy to work with;
  • Filter out specific domains from cluttering your notifications by adding them to /data/blacklist.txt;
  • Modify and serve your own content on the PHP web server by writing files to /www;
  • A full NGINX server is at your disposal for advanced configuration options;
  • A full bind9 DNS server allows you to host arbitrary DNS records for advanced test cases;

Installation

WILSON Cloud Respwnder requires you to have a registered domain yourdomain.com with its nameserver(s) pointing to the server where you're installing this.

  1. Clone this repository: git clone https://github.com/honoki/wilson-cloud-respwnder;
  2. Run ./setup.sh yourdomain.com to generate the required config files;
  3. Follow the steps to generate your LetsEncrypt certificate;
  4. Edit settings.env to include your Slack and/or Discord webhooks;
  5. Run sudo docker-compose up -d
  6. Test if things are working by browsing to https://random-subdomain.yourdomain.com/randompage

Limitations

  • No support for protocols other than HTTP and DNS;
  • Due to limitations of Slack and Discord notifications, HTTP requests are truncated if the request body is larger than ~2KB or ~3KB respectively. Full HTTP messages can be viewed in /logs/mitm/http.log when that happens;
  • Nested subdomains (e.g. test.sub.yourdomain.com) will resolve to your server, but will not automatically have a valid certificate due to limitations of LetsEncrypt. This means HTTP requests will work as expected, but HTTPS requests will likely fail.

Acknowledgments

Thanks to @michenriksen for suggesting the name Wilson, referencing the Wilson cloud chamber used to visualize the passage of ionizing radiation.

You might also like...
Buy early bsc gems with custom gas fee, slippage, amount. Auto approve token after buy. Sell buyed token with custom gas fee, slippage, amount. And more.

Pancakeswap Sniper bot Full version of Pancakeswap sniping bot used to snipe during fair coin launches. With advanced options and a graphical user int

Nautobot-custom-jobs - Custom jobs for Nautobot

nautobot-custom-jobs This repo contains custom jobs for Nautobot. Installation P

universal messaging & notifications api
universal messaging & notifications api

Pronounced "boat-shahft" What is botschaft? Botschaft is unified messaging & notifications appliance. Want to text yourself when a long-running task c

Send Informative, Concise Slack Notifications With Minimal Effort

slack-templates Send Informative, Concise Slack Notifications With Minimal Effort slack-templates Slack Integration Available Templates Usage Report t

This Discord bot is to give timely notifications to Students in the Lakehead CS 2021 Guild

Discord-Bot Goal of Project The purpose of this Discord bot is to give timely notifications to Students in the Lakehead CS 2021 Guild. How can I contr

Apprise - Push Notifications that work with just about every platform!
Apprise - Push Notifications that work with just about every platform!

ap·prise / verb To inform or tell (someone). To make one aware of something. Apprise allows you to send a notification to almost all of the most popul

A discord bot providing notifications of player activity on a minecraft server.

tos-alert A discord bot providing notifications of player activity on a minecraft server. Setup By default the app does not launch and will crash with

A self-bot for discord, written in Python, which will send you notifications to your desktop if it detects an intruder on your discord server

A self-bot for discord, written in Python, which will send you notifications to your desktop if it detects an intruder on your discord server

Sends notifications when Pokemon Center products are in stock

Sends notifications when Pokemon Center products are in stock! If you use this for scalping, I will break your kneecaps

Comments
  • Cert and DNS binding problem..

    Cert and DNS binding problem..

    Hello Honoki, Awesome project!, im trying to install on a fresh Ubuntu 20.04.2 LTS but I have some problems...

    Cert problem

    Requesting a certificate for *.mydomain.com
    Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
    

    So, I manually created the ./keys/ w/ my key pair.. solved the problem, but the warning message still appears "Client with the currently selected authenticator does not support any combination of challenges..."

    DNS binding problem

    root@ubuntu:~/appz/wilson-cloud-respwnder# docker-compose up
    Recreating wilson-cloud-respwnder_php_1 ... 
    Recreating wilson-cloud-respwnder_mitmdump_1 ... 
    Recreating wilson-cloud-respwnder_dns_1      ... 
    Recreating wilson-cloud-respwnder_dns_1      ... error
    
    Recreating wilson-cloud-respwnder_php_1      ... done
    Recreating wilson-cloud-respwnder_mitmdump_1 ... done
    :53: bind: address already in use
    Recreating wilson-cloud-respwnder_server_1   ... done
    
    ERROR: for dns  Cannot start service dns: driver failed programming external connectivity on endpoint wilson-cloud-respwnder_dns_1 (cf184fd3cba4b5201d3c1e181dd9acda2a2aec40b67b496320e130d887a9a8ff): Error starting userland proxy: listen tcp4 0.0.0.0:53: bind: address already in use
    ERROR: Encountered errors while bringing up the project.
    

    Port 53 already in use..

    sudo systemctl stop systemd-resolved Solves the problem, http(s)://mydomain.com are accessible.. discord notifications also work but subdomains *.mydomain.com does not working..

    opened by intrd 1
  • upstream prematurely closed connection

    upstream prematurely closed connection

    Hi,

    I now see this error when running Wilson:

    server_1    | 2022/09/14 14:40:25 [error] 13#13: *186 upstream prematurely closed connection while reading response header from upstream, client: 128.14.209.162, server: *.wilson.be, request: "GET / HTTP/1.1", upstream: "http://172.18.0.3:30001/", host: "x.x.x.x"
    server_1    | 128.14.209.162 - - [14/Sep/2022:14:40:25 +0000] "GET / HTTP/1.1" 502 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" "-"
    

    A.

    opened by aroly 4
  • Missing Python package

    Missing Python package "requests" in dns container

    Hi there,

    I'm trying to setup Wilson, and just noticed that when running docker-compose (without de daemon option):

    Attaching to wilson-cloud-respwnder_php_1, wilson-cloud-respwnder_dns_1, wilson-cloud-respwnder_mitmdump_1, wilson-cloud-respwnder_server_1
    dns_1       | Traceback (most recent call last):
    dns_1       |   File "/monitor.py", line 2, in <module>
    dns_1       |     import time, requests, os
    dns_1       | ModuleNotFoundError: No module named 'requests'
    

    It looks like the Python "requests" module is missing in the container.

    Cheers,

    A.

    opened by aroly 5
Owner
null
A Python app to serve Conveyor room requests and run approvals through Slack

✨ CONVEYOR FOR SLACK ✨ This is a friendly little Python app that will allow you to integrate your instance of Conveyor with your Slack workspace. In o

Vivienne 4 Sep 27, 2021
Python client for using Prefect Cloud with Saturn Cloud

prefect-saturn prefect-saturn is a Python package that makes it easy to run Prefect Cloud flows on a Dask cluster with Saturn Cloud. For a detailed tu

Saturn Cloud 15 Dec 7, 2022
A python discord client interaction emulator for the DC29 badge code channel

dc29-discord-signalbot A python discord client interaction emulator for the DC29 badge code channel Prep Open Developer mode Open the developer mode f

null 8 Aug 23, 2021
A simple telegram bot to save restricted content with custom thumbmail support by Mahesh Chauhan

Save Restricted Content Bot A simple telegram bot to save restricted content with custom thumbmail support by Mahesh Chauhan. Variables API_ID API_HAS

Mahesh Chauhan 532 Jan 2, 2023
Discord Bot that leverages the idea of nested containers using podman, runs untrusted user input, executes Quantum Circuits, allows users to refer to the Qiskit Documentation, and provides the ability to search questions on the Quantum Computing StackExchange.

Discord Bot that leverages the idea of nested containers using podman, runs untrusted user input, executes Quantum Circuits, allows users to refer to the Qiskit Documentation, and provides the ability to search questions on the Quantum Computing StackExchange.

Mehul 23 Oct 18, 2022
Python client to do LispTick requests

lisptick-python LispTick Python client library It allows to send request and receive result from a LispTick server. Get a socket connection to a LispT

Kereon Intelligence 1 Oct 25, 2021
WBMS automates sending of message to multiple numbers via WhatsApp Web

WhatsApp Bulk Message Sender - WBMS WBMS automates sending of message to multiple numbers via WhatsApp Web. Report Bug · Request Feature Love the proj

Akshay Parakh 3 Jun 26, 2022
DeKrypt 24 Sep 21, 2022
A Python Client to View F1TV Content the right way

F1Hub is a terminal application running directly on your computer -- no connection to the website needed* *In theory. As of now, the F1TV website is needed for some content

kodos 3 Jun 14, 2022
LoL API is a Python application made to serve League of Legends data.

LoL API is a Python application made to serve League of Legends data.

Caique Cunha Pereira 1 Nov 6, 2021