Skip to content

Commit 73054f7

Browse files
TheTechromancerTheTechromancer
authored
Merge pull request #2365 from blacklanternsecurity/websocket-adjust-ssl
Add Option to Disable SSL Verification on Websockets output module
2 parents 4c2549f + 5b77424 commit 73054f7

3 files changed

Lines changed: 350 additions & 480 deletions

File tree

bbot/modules/output/websocket.py

Lines changed: 12 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
import json
22
import asyncio
3+
import ssl
34
import websockets
45

56
from bbot.modules.output.base import BaseOutputModule
@@ -8,11 +9,12 @@
89
class Websocket(BaseOutputModule):
910
watched_events = ["*"]
1011
meta = {"description": "Output to websockets", "created_date": "2022-04-15", "author": "@TheTechromancer"}
11-
options = {"url": "", "token": "", "preserve_graph": True}
12+
options = {"url": "", "token": "", "preserve_graph": True, "ignore_ssl": False}
1213
options_desc = {
1314
"url": "Web URL",
1415
"token": "Authorization Bearer token",
1516
"preserve_graph": "Preserve full chains of events in the graph (prevents orphans)",
17+
"ignore_ssl": "Ignores all Websocket SSL related errors (like Self-Signed Certificates, etc.)",
1618
}
1719

1820
async def setup(self):
@@ -31,12 +33,16 @@ async def ws(self, rebuild=False):
3133
if self._ws is None or rebuild:
3234
kwargs = {"close_timeout": 0.5}
3335
if self.token:
34-
kwargs.update({"extra_headers": {"Authorization": f"Bearer {self.token}"}})
35-
verbs = ("Building", "Built")
36-
if rebuild:
37-
verbs = ("Rebuilding", "Rebuilt")
36+
kwargs.update({"additional_headers": {"Authorization": f"Bearer {self.token}"}})
37+
verbs = ("Building", "Built") if not rebuild else ("Rebuilding", "Rebuilt")
3838
self.debug(f"{verbs[0]} websocket connection to {self.url}")
39-
self._ws = await websockets.connect(self.url, **kwargs)
39+
if self.config.get("ignore_ssl", False):
40+
ssl_context = ssl.create_default_context()
41+
ssl_context.check_hostname = False
42+
ssl_context.verify_mode = ssl.CERT_NONE
43+
self._ws = await websockets.connect(self.url, ssl=ssl_context, **kwargs)
44+
else:
45+
self._ws = await websockets.connect(self.url, **kwargs)
4046
self.debug(f"{verbs[1]} websocket connection to {self.url}")
4147
return self._ws
4248

0 commit comments

Comments
 (0)