updates
This commit is contained in:
mgeeky
parent
b0d23f9fac
commit
9cf4296bfe
|
|
@ -650,23 +650,29 @@ Therefore you will have better chances of delivering your phishing e-mail when y
|
||||||
except:
|
except:
|
||||||
continue
|
continue
|
||||||
|
|
||||||
text = link.getText()
|
text = link.getText().replace('\n', '').strip()
|
||||||
params = dict(parse.parse_qsl(parse.urlsplit(href).query))
|
params = dict(parse.parse_qsl(parse.urlsplit(href).query))
|
||||||
|
|
||||||
if len(params) > 0:
|
if len(params) > 0:
|
||||||
num += 1
|
num += 1
|
||||||
|
|
||||||
if num < 5:
|
if num < 5:
|
||||||
context += PhishingMailParser.context(link) + '\n'
|
context += PhishingMailParser.context(link) + '\n\n'
|
||||||
hr = href[:90]
|
hr = href
|
||||||
pos = hr.find('?')
|
pos = hr.find('?')
|
||||||
|
if pos != -1:
|
||||||
hr = hr[:pos] + logger.colored(hr[pos:], 'yellow')
|
hr = hr[:pos] + logger.colored(hr[pos:], 'yellow')
|
||||||
|
|
||||||
context += f'\thref = "{hr}"\n'
|
hr = hr.replace('\n', '').strip()
|
||||||
context += f'\ttext = "{text[:90]}"\n\n'
|
context += f'\thref = "{hr}"\n\n'
|
||||||
|
f = ''
|
||||||
|
for k, v in params.items():
|
||||||
|
f += f'{k}={v[:5]}..., '
|
||||||
|
|
||||||
|
context += f'\tparams = {f}\n\n'
|
||||||
|
|
||||||
if num > 0:
|
if num > 0:
|
||||||
result += f'- Found {num} <a> tags with href="..." URLs containing GET params.\n'
|
result += f'- Found {logger.colored(num, "red")} <a> tags with href="..." {logger.colored("URLs containing GET params", "yellow")}.\n'
|
||||||
result += '\t Links with URLs that contain GET params might trigger anti-spam rule (Office365: 21615005)\n'
|
result += '\t Links with URLs that contain GET params might trigger anti-spam rule (Office365: 21615005)\n'
|
||||||
|
|
||||||
if len(result) == 0:
|
if len(result) == 0:
|
||||||
|
|
@ -869,7 +875,8 @@ Therefore you will have better chances of delivering your phishing e-mail when y
|
||||||
def testEmbeddedImages(self):
|
def testEmbeddedImages(self):
|
||||||
images = self.soup('img')
|
images = self.soup('img')
|
||||||
|
|
||||||
desc = 'Embedded images can increase Spam Confidence Level (SCL) in Office365 by 4 points. Embedded images are those with <img src="data:image/png;base64,<BLOB>"/> . They should be avoided.'
|
x = '<img src="data:image/png;base64,<BLOB>"/>'
|
||||||
|
desc = f'Embedded images can increase Spam Confidence Level (SCL) in Office365. Embedded images are those with {logger.colored(x,"yellow")} . They should be avoided.'
|
||||||
context = ''
|
context = ''
|
||||||
result = ''
|
result = ''
|
||||||
num = 0
|
num = 0
|
||||||
|
|
@ -903,8 +910,8 @@ Therefore you will have better chances of delivering your phishing e-mail when y
|
||||||
context += ctx + '\n'
|
context += ctx + '\n'
|
||||||
|
|
||||||
if num > 0:
|
if num > 0:
|
||||||
result += f'- Found {num} <img> tags with embedded image ({embed}).\n'
|
result += f'- Found {logger.colored(num, "red")} <img> tags with embedded image ({logger.colored(embed, "yellow")}).\n'
|
||||||
result += '\t Embedded images increase Office365 SCL (Spam) level by 4 points!\n'
|
result += '\t Embedded images increase Office365 SCL (Spam) level!\n'
|
||||||
|
|
||||||
if len(result) == 0:
|
if len(result) == 0:
|
||||||
return []
|
return []
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue