2. Quickstart
How do I get this thing working so I can see what it can do?
- Make a Notion account.
- Go to the Notion API developer page and log in. Create an Integration user (New integration). Copy that user's API key.
- Create a page in your Notion book (any page will do). This is your "Listener." Copy the final part of the URL or press Ctrl+L in the Desktop app. This is your parent page ID. Keep track of it for a moment. Deck out your page with a banner and emoji icon. Have fun with it.
- In the upper-right corner of your Notion page, click "Share" and "Invite." Add your Notion Developer API account to this page.
- Download the Linux agent from the Release section.
- Run the release agent in debug mode (-d) and input the values for each prompt.
husky@ubuntu:~/Desktop/OffensiveNotion/bin/linux_debug/debug$ ./offensive_notion -d
[*] Starting!
Getting config options!
[*] Enter agent sleep interval > 5
[*] Enter agent jitter time > 0
[*] Enter parent page id > [...your parent page ID..]
[*] Enter API Key > [...your API key...]
[*] Enter Config File Path > [leave blank]
[*] Enter Log Level (1-4) > 2
- Your agent should now check in to your Listener page.
- Run commands! Make a To-Do block (/todo in the Notion app), enter shell whoami 🎯, and watch the magic unfold.
See the Agent Interaction section for the full list of available commands.
The Python script (main.py) is included as a quick and easy agent configuration/generation utility. It must be run with root privileges and has some dependencies.
The primary purpose of the Python script is to make it easy for the operator to set the agent's config parameters in the code of the agent itself so it can be run without arguments. The script automates all of the steps required to do so.
husky@ubuntu:~/Desktop/OffensiveNotion$ sudo python3 main.py -h
usage: main.py [-h] [-o {linux,windows}] [-b {debug,release}] [-c] [-w] [-m {powershell,wget-linux,wget-psh,python-linux,python-windows}] [-ip HOSTIP] [-p PORT]

OffensiveNotion Setup. Must be run as root. Generates the OffensiveNotion agent in a container.

optional arguments:
  -h, --help            show this help message and exit
  -o {linux,windows}, --os {linux,windows}
                        Target OS
  -b {debug,release}, --build {debug,release}
                        Binary build
  -c, --c2lint          C2 linter. Checks your C2 config by creating a test page on your Listener.
  -w, --webdelivery     Start a web delivery server to host and deliver your agent. Provides convenient one liners to run on the target.
  -m {powershell,wget-linux,wget-psh,python-linux,python-windows}, --method {powershell,wget-linux,wget-psh,python-linux,python-windows}
                        Method of web delivery
  -ip HOSTIP, --hostIP HOSTIP
                        Web server host IP.
  -p PORT, --port PORT  Web server host port.
The main.py script handles all setup and agent compilation. You need Docker in order to use it.
If you don't have Docker already:
$ sudo apt-get install docker.io
Next, install the Python dependencies:
$ pip3 install poetry
$ poetry shell
$ poetry install
Then run the main script:
$ sudo python3 main.py [-h] [-o {linux,windows}] [-b {debug,release}] [-c] [-w] [-m {powershell,wget-linux,wget-psh,python-linux,python-windows}] [-ip HOSTIP] [-p PORT]
The only two required arguments are -o, for the OS, and -b, for the build (debug or release). The additional arguments are covered in the Misc section.
Once the script is running, follow the prompts to perform the installation. It creates a Docker container, builds the agent inside it, then copies the agent to your physical host and deletes the container.