def run():
foo = EmlServer(('127.0.0.1', 1025), None)
# logger.info("SMTP server started...")
logger.info("SMTP Server Started: {}: {}".format('127.0.0.1', 1025))
try:
asyncore.loop()
except KeyboardInterrupt:
pass
def process_message(self, peer, mailfrom, rcpttos, data, **kwargs):
# def process_message(self, peer, mailfrom, rcpttos, data, kwargs):
filename = '%s-%d.eml' % (datetime.now().strftime('%Y%m%d%H%M%S'),
self.no)
filename = 'inbox/' + filename
# print(filename)
f = open(filename, 'w')
f.write(data.decode())
logger.info("Email saved as: {}".format(filename))
self.no += 1
def send_list_command_to_gmail(self, list_command):
try:
for str_command in list_command:
byte_command = str_command.encode()
logger.info("Bot --> Gmail: {}".format(byte_command))
self.gmail_client_socket.sendall(byte_command)
time.sleep(0.1)
del list_command[:]
except Exception as e:
logger.error("Gmail client closed with exception: {}".format(e))
def send_to_gmail(self, data):
logger.debug("Previous command: {}".format(self.command))
logger.info("Thunderbird --> Gmail: {}".format(data))
command_str = data.decode()
try:
if self.command != 'append':
command_as_list = command_str.rstrip().split()
self.tag = command_as_list[0]
self.command = command_as_list[1]
if self.command == 'append':
pass
elif self.command == 'UID' and command_as_list[2] == 'fetch':
header_fetch_str = 'UID RFC822.SIZE FLAGS BODY.PEEK[HEADER.FIELDS'
# body_fetch_str = 'UID RFC822.SIZE BODY.PEEK'
body_fetch_str = 'UID RFC822.SIZE BODY'
if header_fetch_str in command_str:
self.fetch_header_tag = True
elif body_fetch_str in command_str:
self.fetch_body_tag = True
logger.info("body tag set")
else:
pass
else:
pass
else: # command is append
if data != b'\r\n':
self.command_data.append(command_str)
logger.debug("command data in string: {}".format(self.command_data))
else: # end of append command
# for time
prev_time = datetime.datetime.now()
is_recipient_vip, mail_object, to_address = cra.check_if_recipient_is_vip(self.command_data)
if not is_recipient_vip:
logger.info("To address: {} is not a vip, send it directly to gmail".format(to_address))
# self.send_list_command_to_gmail(self.command_data)
else:
self.command = ''
del self.command_data[:]
# this will send real email using mutated from address
m.mutate_and_send(mail_object)
curr_time = datetime.datetime.now()
time_diff = curr_time - prev_time
self.save_time_diff_in_file('mutation_time_MB_2.txt', time_diff.microseconds)
logger.debug("Command and tags: {} and {}".format(self.command, self.tag))
logger.info("Data is sending to gmail: {}".format(data))
self.gmail_client_socket.sendall(data)
except IndexError as e:
logger.error("Gmail client closed with exception: {}".format(e))
import smtp_server
from custom_log import logger
HOST = '127.0.0.1'
PORT = 1143
first_time = True
bind_ip = HOST
bind_port = PORT
server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
server.bind((bind_ip, bind_port))
server.listen(5) # max backlog of connections
logger.info("IMAP Server Started: {}: {}".format(bind_ip, bind_port))
def handle_thunderbird_client_connection(thunderbird_client_socket,
gmail_client):
try:
while True:
response = thunderbird_client_socket.recv(1024)
if not response:
break
else:
gmail_client.send_to_gmail(response)
except Exception as e:
logger.error("Thunderbird client closed with exception: {}".format(e))
traceback.print_exc()
def send_raw_response_to_thinderbird(self, byte_response, additional_string=None):
if additional_string is None:
additional_string = "Gmail --> Thunderbird: {}"
logger.info(additional_string.format(byte_response))
self.thunderbird_client_socket.send(byte_response)
def receive_and_send(self):
logger.info("Gmail client is ready to receive and send back to ThunderBird")
list_response = []
while True:
try:
r = self.gmail_client_socket.recv(1024)
if not r:
break;
else:
str_response = r.decode()
logger.debug("String Response: {}".format(str_response))
capability = '* CAPABILITY IMAP4rev1 YESAUTH\r\n' + \
self.tag + ' OK Pre-login capabilities listed, post-login capabilities have more\r\n'
if 'CAPABILITY' in str_response:
if 'authenticated (Success)' not in str_response:
str_response = capability
else:
str_response = self.tag + ' OK login (Success)\r\n'
list_response.append(str_response)
one_sentence_response = cra.get_one_sentence(list_response)
if self.fetch_header_tag:
if 'OK Success' in one_sentence_response:
word_before_ok = self.previous_word('OK', one_sentence_response.split())
if self.tag == word_before_ok:
self.fetch_header_tag = False
logger.info("Fetched Email Header for analysis: {}".format(one_sentence_response))
from_address = cra.get_sender_email_address(one_sentence_response)
logger.info("from_address: {}".format(from_address))
is_vip = cra.check_if_sender_vip(from_address)
if is_vip:
# self.threat_flag = True
# self.flag_dict['threat_flag'] = True
logger.info("From address: {} is VIP, will adding THREAT alert in subject".format(
from_address))
one_sentence_response = cra.add_threat_in_subject(one_sentence_response)
elif cra.check_if_sender_shadow(from_address):
is_authentic, real_from_address = m.validate_sender(from_address, TO_ADDRESS)
if is_authentic:
logger.info("Mutation Authentication complete, will remove mutation id...")
self.shadow_sender_address = from_address
self.real_sender_address = real_from_address
# self.will_remove_mutation_id = True
self.flag_dict['remove_mutation_id_flag'] = True
one_sentence_response = cra.remove_mutation_id(one_sentence_response,
self.shadow_sender_address,
self.real_sender_address)
else:
# self.threat_flag = True
self.flag_dict['threat_flag'] = True
logger.info("Mutation Authentication failed, adding THREAT alert")
one_sentence_response = cra.add_threat_in_subject(one_sentence_response)
else:
pass
self.flag_queue.put(self.flag_dict)
else:
continue
# if self.fetch_body_tag:
# if 'OK Success' in one_sentence_response:
# word_before_ok = self.previous_word('OK', one_sentence_response.split())
# if self.tag == word_before_ok:
# self.fetch_body_tag = False
# if not self.flag_queue.empty():
# flag_dict = self.flag_queue.get()
# threat_flag = flag_dict['threat_flag']
# remove_mutation_id_flag = flag_dict['remove_mutation_id_flag']
# if threat_flag:
# one_sentence_response = cra.add_threat_in_subject(one_sentence_response)
# if remove_mutation_id_flag:
# one_sentence_response = cra.remove_mutation_id(one_sentence_response)
# logger.info("mutation id removed...")
# else:
# continue
if self.fetch_body_tag:
if 'OK Success' in one_sentence_response:
word_before_ok = self.previous_word('OK', one_sentence_response.split())
if self.tag == word_before_ok:
self.fetch_body_tag = False
logger.info("Fetched Complete Email for analysis: {}".format(one_sentence_response))
# can produce error
# from_address = cra.get_sender_email_address(one_sentence_response)
to_address, from_address, mail_object = cu.get_mail_from_str(one_sentence_response)
logger.info("from_address: {}, to_address: {}".format(from_address, to_address))
# for time diff
prev_time = datetime.datetime.now()
is_vip = cra.check_if_sender_vip(from_address)
if is_vip:
# self.threat_flag = True
# self.flag_dict['threat_flag'] = True
logger.info("From address: {} is VIP, will adding THREAT alert in subject".format(
from_address))
one_sentence_response = cra.add_threat_in_subject(one_sentence_response)
# for time diff
curr_time = datetime.datetime.now()
time_diff = curr_time - prev_time
self.save_time_diff_in_file('verification_time_MB_2.txt', time_diff.microseconds)
elif cra.check_if_sender_shadow(from_address):
is_authentic, real_from_address = m.validate_sender(from_address, to_address)
if is_authentic:
logger.info("Mutation Authentication complete, will remove mutation id...")
# self.shadow_sender_address = from_address
# self.real_sender_address = real_from_address
# self.will_remove_mutation_id = True
# self.flag_dict['remove_mutation_id_flag'] = True
# one_sentence_response = cra.remove_mutation_id(one_sentence_response,
# self.shadow_sender_address,
# self.real_sender_address)
one_sentence_response = cra.remove_mutation_id(one_sentence_response,
from_address, real_from_address)
else:
# self.threat_flag = True
# self.flag_dict['threat_flag'] = True
logger.info("Mutation Authentication failed, adding THREAT alert")
one_sentence_response = cra.add_threat_in_subject(one_sentence_response)
# for time diff
curr_time = datetime.datetime.now()
time_diff = curr_time - prev_time
self.save_time_diff_in_file('verification_time_MB_2.txt', time_diff.microseconds)
else:
pass
# self.flag_queue.put(self.flag_dict)
else:
continue
# one_sentence_response = cra.get_one_sentence(list_response)
self.send_response_to_thinderbird(one_sentence_response)
del list_response[:]
# self.send_list_response_to_thinderbird(list_response)
except BrokenPipeError as e:
logger.error("ThunderBird Client socket is down: {}".format(e))
traceback.print_exc()
return