Skip to content

Slack bot used with piClicker for Wireless Capture the flag and hunting foxes


Notifications You must be signed in to change notification settings


Folders and files

Last commit message
Last commit date

Latest commit



10 Commits

Repository files navigation

Related to project:


AWS Profile

Setup a profile in ~/.aws/credentials


aws_access_key_id = xxxxxxxxxxxxxxxxxxxx
aws_secret_access_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

setup virtualenv (assumes bash)


source ./venv/bin/activate

pre-setup (2) two elastic ips and make a note of their id's


Setup & Teardown of the bot environment

Setting up DB / VPC

Run the command: (this will likely take ~20 minutes to complete, mostly due to RDS setup)

./env_setup/ --environment dev --profile personal --eip1 eipalloc-xxxxxxxx --eip2 eipalloc-xxxxxxxx --acl

for more flags issue ./env_setup/ -h

Tearing it down

1.) Delete contents of created bucket 2.) Go to cloudformation, delete stack with the label previously assigned in the setup_lambda_rds command

Setting up the DB / tables

./env_setup/ init --environment dev --sql_user mysqluser

Editing environment settings

using example in ./env_setup/dev.json

set connection_type to "mysql_rds"

  • "connection_type" : "mysql_rds"

generate random token

  • "ctftoken" : "Q4stYvFUQJV0bewIvcuwILD2X0j12IVPbg7dHzsy"

set empty events line, see Zappa documentation on the format of the events array

  • "events": []

set the default log level - can be any log level logging.setLevel(*) understands

  • "log_level": 'DEBUG'

set team_id

slack bot setup

Enable callback (will be disabled after)

edit and set ENABLE_CALLBACK to True

fill out credentials in ./env_setup/dev.json

  • "slack_client_id"
  • "slack_client_secret"
  • "slack_signing_secret"
  • "slack_verification_token"
  • Get App Credential Values

create exception logging channel and webhook

  • Create channel #lambda_bot_exceptions
  • setup webhook for exceptions
    • enter value for key "exception_hook_url" in ./env_setup/dev.json
    • Webhook Graphic

deploy slack bot lambda

  • insert gpg key fingerprint (no spaces) into ./env_setup/gpg.recipients
  • run ./env_setup/
    • this will generate the zappa_config.json and encrypt the config's secrets for storage in source control (if desired)
  • run ./ and source ./venv/bin/active to prep environment
  • zappa deploy, make note of the URL for next steps
    • Zappa Deploy Graphic

enable bot account

  • Enable Bot Account

set callback url

  • enter callback url with ext /callback i.e.
  • Set Callback URL

set permissions

  • Set Permissions

set api token usage to the two EIP's defined previously

  • Set API EIP's

install to workspace by clicking the "Add to Slack" button

  • Add to workspace
    • Click Add to Slack for workspace
  • Set Default bot channel
    • Add bot default channel
  • verify the authdata is there with the command: zappa invoke scheduled_tasks.show_authed_teams
    • you should see a json output with the newly created auth data!

backup authdata (set with callback)

  • run: ./env_setup/ export -e dev -d ./env_setup
  • move the file to ./env_setup/authed-data.json, and edit out all tables other than authed_data

enable form / menu interactive components

  • enter base url for request component url /form i.e.
  • enter base url for options load url /menu i.e.
  • Set Interactive Component URLs

create "slash" command

  • enter base url with extension /cmd i.e.
  • Set Slash Command URL's

Disable Callback

edit and set ENABLE_CALLBACK to False

  • update environment by issuing: zappa update dev

Test bot operation with add command

  • Test bot with Add command

Example Configs

environment config (dev.json.gpg)

    "dbport" : "3306",
    "slack_client_secret" : "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "igwsub1" : "subnet-xxxxxxxa",
    "igwsub2" : "subnet-xxxxxxxb",
    "s3bucket" : "wctf-vpc-rds-vpc-xxxxxxxx",
    "profile_name" : "myprofile",
    "connection_type" : "mysql_rds",
    "slack_client_id" : "000000000000.000000000000",
    "sql_password" : "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "sglambda" : "sg-xxxxxxxx",
    "log_level" : "DEBUG",
    "slack_verification_token" : "xxxxxxxxxxxxxxxxxxxxxxxx",
    "master_password" : "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "sql_user" : "normal_user",
    "sgrdsinternal" : "sg-xxxxxxxa",
    "sgrdsexternal" : "sg-xxxxxxxb",
    "vpc" : "vpc-xxxxxxxx",
    "slack_signing_secret" : "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "dbinstance" : "xxxxxxxxxxxxxxx",
    "base_name" : "wctf-vpc-rds",
    "exception_hook_url": "",
    "endpoint_address" : "",
    "privsub1" : "subnet-xxxxxxxa",
    "privsub2" : "subnet-xxxxxxxb",
    "region" : "us-east-2",
    "master_user" : "master_user",
    "ctftoken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "events": [
            "function": "scheduled_tasks.show_countdown",
            "expression": "cron(0 19 * * ? *)"

authdata restore config

example ./env_setup/authdata-dev.json

    "db_wctf" : {
        "slack_authed_teams" : [
                "team_id" : "TXXXXXXXX",
                "team_json" : {
                    "py/object" : "sqlalchemy.ext.mutable.MutableDict",
                    "py/state" : {
                        "team_id" : "TXXXXXXXX",
                        "ok" : true,
                        "scope" : "identify,bot,commands,incoming-webhook",
                        "access_token" : "xoxp-xxxxxxxxxxxx-xxxxxxxxxxxx-xxxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
                        "user_id" : "UXXXXXXXX",
                        "team_name" : "Super Awesome WCTF Team",
                        "bot" : {
                            "bot_user_id" : "UXXXXXXXX",
                            "bot_access_token" : "xoxb-xxxxxxxxxxxx-xxxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxx"
                        "incoming_webhook" : {
                            "url" : "",
                            "channel_id" : "CXXXXXXXX",
                            "channel" : "#lambda_bot_exceptions",
                            "configuration_url" : ""


No releases published


No packages published
