Fork me on GitHub

Wire App: Bot Registration Scripts

Registering a bot with Wire Secure Messaging Services

You may be attempting to register your bot with the backend of Wire's secure messaging service. 

On most of the Wire github repositories for the various bots that have been developed, they all make mention of adding the "Don" bot or the "DevBot" in order to register your bot with their service.

Unfortunately, the "Don" bot as far as I am aware has been moved to Wire's Secure Messaging Teams. The "DevBot" I don't really know all that much about.

So you still might be wondering, how on earth do I register my service? Well during my scouring of the Wire repositories on github I came across a few shell scripts created by Dejan Kovacevic whom has created the Java based bot.

Blacklight Vulnhub Walkthrough

Blacklight Vulnhub VM

Blacklight Vulnhub Walkthrough

WARNING: There will be spoilers to Blacklight VM from Vulnhub. This is your warning! If you wish to penetration test this machine, do not scroll down much further.

The Blacklight Vulnhub VM was a rather short and simple system to pen test but may have a few tricks to it as well as rabbit holes.  There were a few flags but I just wanted to obtain root. As such, the flags will not be listed in this particular walkthrough.

The Blacklight Vulnhub VM download can be found here: https://www.vulnhub.com/entry/blacklight-1,242/

Basic Pentesting 1 Walkthrough

WARNING: There will be spoilers to Basic Pentesting 1 VM from Vulnhub. This is your warning! If you wish to penetration test this machine, do not scroll down much further.

 The Basic Pentesting 1 VM download from Vulnhub can be found here: https://www.vulnhub.com/entry/basic-pentesting-1,216/

Here's the basic description:

This is a small boot2root VM I created for my university’s cyber security group. It contains multiple remote vulnerabilities and multiple privilege escalation vectors. I did all of my testing for this VM on VirtualBox, so that’s the recommended platform. I have been informed that it also works with VMware, but I haven’t tested this personally.

Bob 1.0.1 Walthrough

Bob Vulnhub VM
WARNING: There will be spoilers to Bob 1.0.1 VM from Vulnhub. This is your warning! If you wish to penetration test this machine, do not scroll down much further.

 The Bob 1.0.1 VM download from Vulnhub can be found here: https://www.vulnhub.com/entry/bob-101,226/

The creator of this VM is c0rruptedb1t

Here's the basic description:

Difficulty: Beginner/Intermediate


Bob is my first CTF VM that I have ever made so be easy on me if it's not perfect.

BSides Vancouver: 2018 (Workshop) Walkthrough

BSides Vancouver: 2018 (Workshop)
WARNING: There will be spoilers to BSides Vancouver: 2018 (Workshop) VM from Vulnhub. This is your warning! If you wish to penetration test this machine, do not scroll down much further.

 The BSides Vancouver: 2018 (Workshop) VM download from Vulnhub can be found here: https://www.vulnhub.com/entry/bsides-vancouver-2018-workshop,231/

The creator of this VM is abatchy

Here's the basic description:

Boot2root challenges aim to create a safe environment where you can perform real-world penetration testing on an (intentionally) vulnerable target.

Pinky's Palace v1 Walkthrough

pinky's palace
WARNING: There will be spoilers to Pinky's Palace v1 VM from Vulnhub. This is your warning! If you wish to penetration test this machine, do not scroll down much further.
General disclaimer: I am by no means an expert penetration tester nor do I have a lot of experience doing penetration testing. This walkthrough is from the perspective of an amateur whom is trying to become better. The goal is for me to eventially take the OCSP. That being said, I had a bit of help from some colleagues from my company getting started but they by no means gave me the answers. I will be posting some of my hardships from a beginner perspective.

Wire App: Bot Service Registration

The following URL is the one required to register a new Wire App Bot provider: https://prod-nginz-https.wire.com/provider/services

When crafting your API call to register a new bot service, you should be using the POST method. This is not to be confused with registering a provider.

For the headers use the following key:value pair:

Content-Type: application/json

The Body of the request should be the following:

Wire App: Bot Authentication

The following URL is the one required to register a new Wire App Bot provider: https://prod-nginz-https.wire.com/provider/login

When crafting your API call to register a new bot provider, you should be using the POST method.

For the headers use the following key:value pair:

Content-Type: application/json

The Body of the request should be the following:

{"email": "The email you registered the provider with", "password": "The password you received after registering as a bot provider"}

I used Postman, a piece of software, that makes API development easier. It can be obtained here: https://www.getpostman.com/

If you prefer to use cURL, the command would be as follows:

Wire App: Bot Provider Registration

The following URL is the one required to register a new Wire App Bot provider: https://prod-nginz-https.wire.com/provider/register

When crafting your API call to register a new bot provider, you should be using the POST method.

For the headers use the following key:value pair:

Content-Type: application/json

The Body of the request should be the following:

{"name": "Name of the Bot", "email": "Email to register the bot under", "url": "enter your website or just use https://","description": "Description about your bot"}

Once you submit your API call, check your email for a registration verification link. 

I used Postman, a piece of software, that makes API development easier. It can be obtained here: https://www.getpostman.com/