From bb6a83a303ba8ba188155110144425b0a49f94a7 Mon Sep 17 00:00:00 2001 From: "Mariusz B. / mgeeky" Date: Wed, 27 Oct 2021 03:46:08 +0200 Subject: [PATCH] update --- phishing/README.md | 2 +- phishing/decode-spam-headers.py | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/phishing/README.md b/phishing/README.md index 549efe9..336c0ab 100644 --- a/phishing/README.md +++ b/phishing/README.md @@ -1,7 +1,7 @@ ## Phishing and Social-Engineering related scripts, tools and CheatSheets -- **`decode-spam-headers.py`** - This tool accepts on input an `*.EML` or `*.txt` file with all the SMTP headers. It will then extract a subset of interesting headers and using **37+** tests will attempt to decode them as much as possible. +- **`decode-spam-headers.py`** - This tool accepts on input an `*.EML` or `*.txt` file with all the SMTP headers. It will then extract a subset of interesting headers and using **79+** tests will attempt to decode them as much as possible. This script also extracts all IPv4 addresses and domain names and performs full DNS resolution of them. diff --git a/phishing/decode-spam-headers.py b/phishing/decode-spam-headers.py index c41ea91..66c2cd6 100644 --- a/phishing/decode-spam-headers.py +++ b/phishing/decode-spam-headers.py @@ -1233,8 +1233,11 @@ Results will be unsound. Make sure you have pasted your headers with correct spa ('Header Containing Client IP', self.testAnyOtherIP), ) + testsConducted = 0 + for testName, testFunc in tests: try: + testsConducted += 1 self.logger.dbg(f'Running "{testName}"...') self.results[testName] = testFunc() @@ -1253,6 +1256,7 @@ Results will be unsound. Make sure you have pasted your headers with correct spa if self.decode_all: for testName, testFunc in testsDecodeAll: try: + testsConducted += 1 self.logger.dbg(f'Running "{testName}"...') self.results[testName] = testFunc() 
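Review bot: `testsConducted += 1` is the first statement inside `try:`, before `testFunc()` is called, so a test that raises is still counted as conducted; the same placement appears in the `testsDecodeAll` and `testsReturningArray` loops in the next two hunks. An analyst triaging headers may read the final number as coverage, so it would be more accurate to increment after the call returns, or to keep a separate failure counter (for example `testsFailed += 1` in the handler) and log both. The `except` branch of each loop lies outside the hunk, so how failures are reported there is not visible here.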
@@ -1270,6 +1274,7 @@ Results will be unsound. Make sure you have pasted your headers with correct spa for testName, testFunc in testsReturningArray: try: + testsConducted += 1 self.logger.dbg(f'Running "{testName}"...') outs = testFunc() @@ -1305,6 +1310,8 @@ Results will be unsound. Make sure you have pasted your headers with correct spa self.logger.dbg('\n------------------------------------------\n\n') + self.logger.dbg(f'Conducted {testsConducted} tests on provided SMTP headers.') + return {k: v for k, v in self.results.items() if v} @staticmethod
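Review bot: The summary added before `return` reports only how many test functions were invoked, while the next line returns just the truthy results, so the logged figure and what the caller receives can differ with no explanation. Logging the non-empty count as well would make the debug output self-explanatory, e.g. `self.logger.dbg(f'Conducted {testsConducted} tests, {sum(1 for v in self.results.values() if v)} returned findings.')`. The `testsReturningArray` loop may store more than one entry per test; its body is outside this hunk, so treat the comparison as approximate. The enclosing method starts outside the hunk.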