Git/mgeeky-Penetration-Testing-Tools
1
0
Fork 0
mirror of https://github.com/mgeeky/Penetration-Testing-Tools.git synced 2025-09-02 18:18:34 +02:00
Code Issues Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Mariusz B. / mgeeky
2021-10-17 18:13:39 +02:00
parent dc8a2638f9
commit 4f90a4a16f
10 changed files with 42 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
phishing/RobustPentestMacro

Submodule phishing/RobustPentestMacro updated: 32992adea5...bb14d908d1

2
phishing/VisualBasicObfuscator

Submodule phishing/VisualBasicObfuscator updated: 80e7515ed6...3bfbe8ad16

41
phishing/decode-spam-headers.py
View File

@ -36,7 +36,15 @@ try:
import dns.resolver import dns.resolver
except ImportError: except ImportError:
print('[!] You need to install dnspython: $ pip3 install dnspython') print('''
[!] You need to install dnspython:
# pip3 install dnspython
If problem remains, re-install dnspython:
# pip3 uninstall dnspython
# pip3 install dnspython
''')
sys.exit(1) sys.exit(1)
options = { options = {
@ -216,8 +224,7 @@ class SMTPHeadersAnalysis:
'spm', 'spm',
'atp', 'atp',
'defend', 'defend',
'assassin', 'assassin',
'rbl'
) )
Headers_Known_For_Breaking_Line = ( Headers_Known_For_Breaking_Line = (
@ -251,6 +258,7 @@ class SMTPHeadersAnalysis:
'X-Spam-Level', 'X-Spam-Level',
'X-Spam-Flag', 'X-Spam-Flag',
'X-Spam-Report', 'X-Spam-Report',
'ARC-Authentication-Results',
) )
auth_result = { auth_result = {
@ -832,6 +840,7 @@ Results will be unsound. Make sure you have pasted your headers with correct spa
self.results['Bad Keywords In Headers'] = self.testBadKeywords() self.results['Bad Keywords In Headers'] = self.testBadKeywords()
self.results['From Address Analysis'] = self.testFrom() self.results['From Address Analysis'] = self.testFrom()
self.results['Authentication-Results'] = self.testAuthenticationResults() self.results['Authentication-Results'] = self.testAuthenticationResults()
self.results['ARC-Authentication-Results'] = self.testARCAuthenticationResults()
self.results['Received-SPF'] = self.testReceivedSPF() self.results['Received-SPF'] = self.testReceivedSPF()
self.results['Mail Client Version'] = self.testXMailer() self.results['Mail Client Version'] = self.testXMailer()
self.results['X-Forefront-Antispam-Report'] = self.testForefrontAntiSpamReport() self.results['X-Forefront-Antispam-Report'] = self.testForefrontAntiSpamReport()
@ -884,28 +893,30 @@ Results will be unsound. Make sure you have pasted your headers with correct spa
hhh = re.sub(r'(' + re.escape(dodgy) + r')', self.logger.colored(r'\1', 'red'), header, flags=re.I) hhh = re.sub(r'(' + re.escape(dodgy) + r')', self.logger.colored(r'\1', 'red'), header, flags=re.I)
tmp += f'\t({num0:02}) {self.logger.colored("Header", "magenta")}: {hhh}\n' tmp += f'\t({num0:02}) {self.logger.colored("Header", "magenta")}: {hhh}\n'
tmp += f'\t Value: {value[:80]}\n\n' tmp += f'\t Keyword: {dodgy}\n\n'
tmp += f'\t Value: {value[:80]}\n\n'
shown.add(header) shown.add(header)
break break
elif dodgy in value.lower() and header not in SMTPHeadersAnalysis.Handled_Spam_Headers: elif dodgy in value.lower() and header not in SMTPHeadersAnalysis.Handled_Spam_Headers:
num0 += 1 num0 += 1
hhh = header hhh = header
tmp += f'\t({num0:02}) Header: {hhh}\n' tmp += f'\t({num0:02}) Header: {hhh}\n'
pos = value.lower().find(dodgy) pos = value.lower().find(dodgy)
ctx = re.sub(r'(' + re.escape(dodgy) + r')', self.logger.colored(r'\1', 'red'), value, flags=re.I) ctx = re.sub(r'(' + re.escape(dodgy) + r')', self.logger.colored(r'\1', 'red'), value, flags=re.I)
if len(ctx) > 80: if len(ctx) > 80:
a = pos-40 a = pos-40
b = pos+len(dodgy)+40 b = -10 + pos + len(dodgy) + 30
if a < 0: a = 0 if a < 0: a = 0
if b > len(ctx): b = len(ctx) if b > len(ctx): b = len(ctx)
ctx = value[a:b] ctx = value[a:b]
tmp += f'\t {self.logger.colored("Value", "magenta")}: {ctx}\n\n' tmp += f'\t Keyword: {dodgy}\n\n'
tmp += f'\t {self.logger.colored("Value", "magenta")}: {ctx}\n\n'
shown.add(header) shown.add(header)
break break
@ -1046,7 +1057,12 @@ Results will be unsound. Make sure you have pasted your headers with correct spa
result += f'\t (first hop\'s domain: {self.logger.colored(firstHopDomain1, "cyan")})\n\n' result += f'\t (first hop\'s domain: {self.logger.colored(firstHopDomain1, "cyan")})\n\n'
if firstHopDomain1.lower() != senderDomain.lower(): if firstHopDomain1.lower() != senderDomain.lower():
response = dns.resolver.resolve(domain, 'TXT') response = None
try:
response = dns.resolver.resolve(domain, 'TXT')
except dns.resolver.NoAnswer as e:
response = []
spf = False spf = False
for answer in response: for answer in response:
@ -1718,6 +1734,15 @@ More information:
(num, header, value) = self.getHeader('Authentication-Results') (num, header, value) = self.getHeader('Authentication-Results')
if num == -1: return [] if num == -1: return []
return self._testAuthenticationResults(num, header, value)
def testARCAuthenticationResults(self):
(num, header, value) = self.getHeader('ARC-Authentication-Results')
if num == -1: return []
return self._testAuthenticationResults(num, header, value)
def _testAuthenticationResults(self, num, header, value):
value = SMTPHeadersAnalysis.flattenLine(value) value = SMTPHeadersAnalysis.flattenLine(value)
tests = {} tests = {}
result = '' result = ''

2
red-teaming/ElusiveMice

Submodule red-teaming/ElusiveMice updated: bfa8889dfb...36bd44e3f6

2
red-teaming/RedWarden

Submodule red-teaming/RedWarden updated: 828037bdd4...42e82dcd2f

2
red-teaming/SharpWebServer

Submodule red-teaming/SharpWebServer updated: 1b55dcd600...d80f2b1edb

2
red-teaming/cobalt-arsenal

Submodule red-teaming/cobalt-arsenal updated: ac7d054107...11cc93fc5d

2
web/tomcatWarDeployer

Submodule web/tomcatWarDeployer updated: a1a4453347...451d45e70c

2
windows/PE-library

Submodule windows/PE-library updated: 386b1c911e...093705972e

2
windows/UnhookMe

Submodule windows/UnhookMe updated: 1b9a426096...25e43b1ea5