mgeeky-Penetration-Testing-.../phishing/gophish-send-mail/gophish-send-mail.py

203 lines
4.5 KiB
Python
Raw Permalink Normal View History

2021-10-17 15:22:05 +02:00
#!/usr/bin/python3
import os, sys, re
import string
import argparse
import yaml
import json
import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
options = {
'gophish_addr': '',
'token' : '',
'file' : '',
'template_name' : '',
'subject': '',
'first_name': '',
'last_name': '',
'position': '',
'sender': '',
'recipient': '',
'url' : '',
'dont_restore' : False
}
headers = {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.71 Safari/537.36',
'Authorization': '',
}
def get(url):
r = requests.get(
f"{options['gophish_addr']}" + url,
headers = headers,
verify = False
)
if r.status_code != 200:
print(f'[!] URL: {url} returned status code: {r.status_code}!')
print(r.json())
sys.exit(1)
return r.json()
def put(url, data):
r = requests.put(
f"{options['gophish_addr']}" + url,
headers = headers,
json = data,
verify = False
)
if r.status_code != 200:
print(f'[!] URL: {url} returned status code: {r.status_code}!')
print(r.json())
sys.exit(1)
return r.json()
def post(url, data):
r = requests.post(
f"{options['gophish_addr']}" + url,
headers = headers,
json = data,
verify = False
)
if r.status_code != 200:
print(f'[!] URL: {url} returned status code: {r.status_code}!')
print(r.json())
sys.exit(1)
return r.json()
def getTemplate():
out = get("/api/templates/?{}")
for obj in out:
if obj['name'] == options['template_name']:
return obj
print(f'[!] Could not find template named: "{options["template_name"]}"!')
sys.exit(1)
def updateTemplate(template, html):
obj = {}
obj.update(template)
obj['html'] = html
if len(options['subject']) > 0:
obj['subject'] = options['subject']
out = put(f'/api/templates/{template["id"]}', obj)
def sendEmail():
obj = {
"template":{
"name": options['template_name']
},
"first_name": options['first_name'],
"last_name": options['last_name'],
"email": options['recipient'],
"position": options['position'],
"url":options['url'],
"page": {
"name": ""
},
"smtp": {
"name": options['sender']
}
}
out = post('/api/util/send_test_email', obj)
if out['success']:
print('[+] ' + out['message'])
else:
print('[!] ' + out['message'])
def opts(argv):
global options
global headers
o = argparse.ArgumentParser(
usage = 'gophish-send-mail.py [options] <config.yaml>'
)
req = o.add_argument_group('Required arguments')
req.add_argument('config', help = 'YAML config file')
args = o.parse_args()
op = None
with open(args.config, encoding='utf-8') as f:
op = yaml.safe_load(f)
for k in (
'gophish_addr',
'token',
'file',
'template_name',
'recipient',
'sender'
):
if k not in op.keys():
print(f'[!] {k} not specified!')
sys.exit(1)
if op['gophish_addr'][-1] == '/':
op['gophish_addr'] = op['gophish_addr'][:-1]
headers['Authorization'] = f'Bearer {op["token"]}'
options.update(op)
return op
def main(argv):
args = opts(argv)
if not args:
return False
print('''
:: GoPhish Single Mail Send utility
Helping you embellish your emails by sending them one-by-one
2021-10-24 23:11:42 +02:00
Mariusz Banach / mgeeky
2021-10-17 15:22:05 +02:00
''')
template = getTemplate()
print(f'''[+] Template to use:
ID: {template["id"]}
Name: {template["name"]}
Subject: {template["subject"]}
''')
print(f'[.] Updating it with file "{options["file"]}"...')
html = ''
with open(options['file'], 'rb') as f:
html = f.read()
updateTemplate(template, html.decode())
print('[+] Template updated.')
print(f'''[.] Sending e-mail via Campaign -> Send Test Email...
From: {options['sender']}
Recipient: {options['recipient']}
''')
sendEmail()
if not options['dont_restore']:
print('[.] Restoring template...')
updateTemplate(template, template['html'])
print('[+] Finished.')
if __name__ == '__main__':
main(sys.argv)