def getuserwithID(idgophish): try: api = Gophish(API_KEY_GOPHISH, host=ADDRESS_GOPHISH, verify=False) for current in api.campaigns.get(): if current.name in CAMPAINGN_NAME: for currentresult in current.results: if currentresult.id == idgophish: return currentresult.email except: print "ERROR GOPHISH" return "ERROR"
def main(): global api, sender_host, verify if sys.version_info < (3, 0, 0): exit('\nNot compatible with python 2\n') config = configparser.ConfigParser() config.read('phish.cfg') api_key = config.get('DEFAULT','api_key') host_url = config.get('DEFAULT','host_url') sender_host = config.get('DEFAULT','sender_host') verify = config.get('DEFAULT','verify') test = ["True", "False"] if verify in test: if not eval(verify): requests.packages.urllib3.disable_warnings() else: exit('Error: configuration variable (verify) is undefined') api = Gophish(api_key, host_url, verify=False) if len(sys.argv) == 10: args = sys.argv[1:] launch(args) elif len(sys.argv) == 2: flag = sys.argv[1] if flag == '-g': guide() exit('\nWrong number of command line arguments' '\n\nFormat: ./phish.py <title> <sendername> <senderemail> <targetlist.csv> <email.html> <emailsubject> <pageurl> <page.html> <launchtime>' '\n\n eg: ./phish.py "Campaign Name" "John Doe" [email protected] targets.csv email.html "Email Subject Line" http://phishing.com page.html 2018/06/29@14:30' '\n ./phish.py "Phish Test Title" "JK Rowling" [email protected] /path/targets.csv email.html "New Book" https://login.phishing.com page.html 1999/12/31@23:59\n' '\n\n title.............name for new campaign objects' '\n sendername........first and last name as should appear in email header' '\n senderemail.......address as should appear in email header' '\n targetlist........csv file (fieldnames=First Name,Last Name,Email,Position)' '\n email.html........contents of email in html format' '\n emailsubject......subject line as will appear in email' '\n pageurl...........phony link address to be used in email' '\n page.html.........contents of landing page in html format' '\n launchtime........date and time (24hr) to send email' '\n\n Alternative:' '\n -g................campaign creation guide ' '\n\n !format for launchtime MUST use format YYYY/MM/DD@HH:MM [eg: 2018/06/14@4:22]\n' )
def send_to_gophish(userList): ''' create a group with the forged email addresses into gophish ''' print(okBox + 'Connecting to the goPhish API') api = Gophish(apiKey, host=host, verify=False) targets = [ User(first_name=u.firstname, last_name=u.lastname, email=u.getMail(), position=u.position) for u in userList ] group = Group(name='l2gp - ' + company, targets=targets) api.groups.post(group) print(okBox + 'Group created !')
def connect_api(api_key, server): """Create a Gophish API connection.""" api = Gophish(api_key, host=server, verify=False) # Sets up connection and test that it works. try: api.campaigns.get() return api except Error as e: # Bad API Key raise Exception(f"Error Connecting: {e.message}") except MissingSchema as e: message = e.args[0].split(" '")[0] raise Exception(f"Error Connecting: {message}") except ConnectionError: raise Exception("Networking Error, unable to reach Gophish.") except Exception: raise Exception("Cannot connect to Gophish.")
def __init__(self, directory, target_domain, username_format, output_format, gophish_url, gophish_api_key): self.directory = directory self.target_domain = target_domain self.username_format = username_format self.output_format = output_format self.gophish_api = Gophish( gophish_api_key, host=gophish_url, verify=False) if (gophish_url and gophish_api_key) else None if self.directory and self.output_format: # If the output directory doesn't exist then create it if not os.path.exists(self.directory): os.mkdir(self.directory) self.output_path = f'{self.directory}/{self.target_domain}-{self.username_format}' # if the user wants to store results as a csv, write the csv header first if self.output_format == 'csv': self._write_csv_header()
def testparam(): if PORT_LISTEN < 1024 and os.geteuid() != 0: print "Droits root necessaire pour ecouter sur " + str(PORT_LISTEN) sys.exit(1) if NAME_MALICIOUS_BASIC_FILE != "": if not os.path.isfile(NAME_MALICIOUS_BASIC_FILE): print "Fichier " + NAME_MALICIOUS_BASIC_FILE + " introuvable" sys.exit(1) else: print "Aucun fichier francophone specifie" oui = raw_input('Continuer sans fichier francophone ? [y/n]') if oui != 'y': sys.exit(2) if NAME_MALICIOUS_BASIC_FILE_EN != "": if not os.path.isfile(NAME_MALICIOUS_BASIC_FILE_EN): print "Fichier " + NAME_MALICIOUS_BASIC_FILE_EN + " introuvable" sys.exit(3) else: print "Aucun fichier anglophone specifie" oui = raw_input('Continuer sans fichier anglophone ? [y/n]') if oui != 'y': sys.exit(4) try: api = Gophish(API_KEY_GOPHISH, host=ADDRESS_GOPHISH, verify=False) api.campaigns.get() except: print "Erreur connexion Gophish" oui = raw_input('Continuer sans Gophish ? [y/n]') if oui != 'y': sys.exit(5) print "Les campagnes observees seront \"" + ', '.join( CAMPAINGN_NAME) + "\"" oui = raw_input('Continuer ? [y/n]') if oui != 'y': sys.exit(4) print "Le domaine de destination du fichier sera \"" + ADDRESS_SERVER + "\"" oui = raw_input('Continuer ? [y/n]') if oui != 'y': sys.exit(4)
from gophish import Gophish from gophish.models import * from prettytable import PrettyTable from modules.creds import Credentials from modules.owa import OwaCredsTester from modules.netscaler import NetscalerCredsTester from modules.juniper import JuniperCredsTester import config DEBUG = False if hasattr(config, 'GophishClient'): api = Gophish(config.API_KEY, host=config.API_URL, client=config.GophishClient) else: api = Gophish(config.API_KEY, host=config.API_URL) # Some constants BROWSER_MSG = ['Email Opened', 'Clicked Link', 'Submitted Data'] class EventsFilter(): def __init__(self, email=None, ip=None, group=None): self.email = email self.ip = ip self.group = group
from gophish.models import * import urllib.request, json import ssl import re import config import fileimport import imaplib import email import io import base64 #Required declarations api_key = (config.api_key) gohost = "GOPHISH_ADMINURL HERE" campaignurl = "GOPHISH_CAMPAIGNURL_HERE" api = Gophish(api_key, host=gohost, verify=False) phishers = [] listReporters = [] uniqReporters = [] print("|" * 10 + "WELCOME TO GoEmailReporter" + "|" * 10) print("\n********An EMAIL REPORTING TOOL for GOPHISH*******") print("#######By ASHISH CHALKE#######\n") #Get campaign Name campaigndict = {} #Create an empty campaign dictionary print("Printing a list of available campaigns:") for campaign in api.campaigns.get(): #Use API Call to get all campaigns #Update campaigns to the campaigndict dictionary with campaignname:id format campaigndict.update([(campaign.name, str(campaign.id))]) #Print all the available Campaigns.
#!/usr/bin/env python3 import requests, sys, argparse, csv, os from gophish import Gophish from gophish.models import * from resources import config, hunterio, harvester, bing, mailshunt, webpage, github, hibp from datetime import datetime from resources.ui import * # Suppress certificate verification warnings. from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disable_warnings(InsecureRequestWarning) # Define the GoPhish API connection API = Gophish(config.GOPHISH_API_KEY, config.BASE_URL, verify=False) # Lists resources that Lure can use to search for e-mail addresses def list_resources(): gophish_status = check_connection() hibp_status = check_hibp_status(enable_hibp) if config.HUNTERIO == True: print(" [X] Hunter.io" + "\t\t\t" + gophish_status) if config.HUNTERIO == False: print(" [ ] Hunter.io" + "\t\t\t" + gophish_status) if config.LINKEDIN == True: print(" [X] LinkedIn" + "\t\t\t" + hibp_status) if config.LINKEDIN == False: print(" [ ] LinkedIn" + "\t\t\t" + hibp_status) if config.GITHUB == True: print(" [X] GitHub")
def main(): parser = argparse.ArgumentParser( description='Loads demo data into a Gophish instance', formatter_class=argparse.ArgumentDefaultsHelpFormatter) parser.add_argument('--api-key', type=str, required=True, help='The Gophish API key') parser.add_argument('--api-url', type=str, default='https://localhost:3333', help='The URL pointing to the Gophish admin server') parser.add_argument('--phish-url', type=str, default='http://localhost', help='The URL pointing to the Gophish phishing server') parser.add_argument('--num-groups', type=int, default=10, help='The number of groups to create') parser.add_argument('--num-members', type=int, default=100, help='The number of recipients in each group') parser.add_argument( '--percent-opened', type=int, default=50, help='Percent of users to open the emails in the campaign') parser.add_argument( '--percent-clicked', type=int, default=20, help='Percent of users to click the links in the campaign') parser.add_argument('--percent-submitted', type=int, default=5, help='Percent of users to submit data in the campaign') parser.add_argument( '--percent-reported', type=int, default=5, help='Percent of users to report the emails in the campaign') args = parser.parse_args() # Start our null SMTP server smtp = Controller(Sink(), hostname='127.0.0.1') smtp.start() api = Gophish(api_key=args.api_key, host=args.api_url, verify=False) # Generate our groups print('Generating Groups...') sys.stdout.flush() group_names = generate_groups(api, num_groups=args.num_groups, num_members=args.num_members) groups = [Group(name=group) for group in group_names] print('Generating SMTP') sys.stdout.flush() smtp = generate_sending_profile(api, '{}:{}'.format(smtp.hostname, smtp.port)) print('Generating Template') sys.stdout.flush() template = generate_template(api) print('Generating Landing Page') sys.stdout.flush() landing_page = generate_landing_page(api) print('Generating Campaigns') sys.stdout.flush() campaign = Campaign(name='Demo Campaign', groups=groups, page=landing_page, template=template, smtp=smtp, url=args.phish_url) campaign = api.campaigns.post(campaign) # Wait for the emails to be received while True: summary = api.campaigns.summary(campaign_id=campaign.id) if summary.stats.sent < len(campaign.results): if summary.stats.error: print( 'Encountered an error... Check the Gophish logs for details.' ) print('Exiting...') sys.exit(1) print( 'Waiting for mock emails to finish sending (this takes a few seconds)...' ) sys.stdout.flush() time.sleep(1) continue break generate_results(api, campaign, percent_opened=args.percent_opened, percent_clicked=args.percent_clicked, percent_submitted=args.percent_submitted, percent_reported=args.percent_reported) print( '\n\nAll set! You can now browse to {} to view the Gophish dashboard'. format(args.api_url)) print('The credentials are admin:gophish') print('Enjoy!')
groups = [Group(name='Group_Name')] template = Template(name='Email_Template_Name') page = Page(name='Landing_Page_Name') smtp = SMTP(name='Sender_Name') url = 'https://example.com' campaign = Campaign(name=name, groups=groups, template=template, page=page, url=url, smtp=smtp) campaign = api.campaigns.post(campaign) return campaign def delete_campaign(api, campaign_id): resp = api.campaigns.delete(campaign_id=campaign_id) return resp api = Gophish(API_KEY, host=HOST, verify=False) args = parser.parse_args() if args.id: resp = delete_campaign(api, args.id) if resp.success: print(f'[+] Deleted campaign with id {args.id}') else: print(f'[-] Failed to delete campaign with id {args.id}') campaign = start_campaign(api) if campaign.id: print(f'[+] Started new campaign with id {campaign.id}') else: print(f'[-] Failed to start new campaign')
useraccesskey=useraccesskey, usersecret=usersecret) #Get HTML from S3 landing_html = get_phish_template_landing_html( bucketname, template_id, useraccesskey=useraccesskey, usersecret=usersecret) mail_html = get_phish_template_mail_html(bucketname, template_id, useraccesskey=useraccesskey, usersecret=usersecret) host = "https://" + subdomain + ":" + port api = Gophish(API_KEY, host=host) #, verify=False) #Create variable names campaignName = campaignid + "-campaign" pageName = campaignid + "-page" groupName = campaignid + "-group" templateName = campaignid + "-template" smtpName = campaignid + "-smtp" #Create Landing Page landingpage = Page(name=pageName, capture_credentials=True, capture_passwords=True, redirect_url=redirect_url_text, html=landing_html) page = api.pages.post(landingpage)
def createGophishClient(): # This client has all methods attached to it necessary to create, read, and run our campaigns. return Gophish(GophishUtility.apiKey, host=GophishUtility.baseUri, verify=False)
from json import load __author__ = "binexisHATT" __version__ = 1.0 if __name__ == "__main__": set_completer(auto_complete) parse_and_bind("tab: complete") packages.urllib3.disable_warnings() prog_color = randint(1, 220) config_file = load(open("config.json")) config_file["api_key"] = environ["GOPHISH_API_KEY"] config_file["host"] = environ["GOPHISH_HOST"] gophish_client = Gophish(config_file["api_key"], host=config_file["host"], verify=False) print(""" \t┌────────────────────────────┐ \t│░█▀█░█░█░█▀█░█░█░▀█▀░█▀▀░█░█│ \t│░█▀▀░░█░░█▀▀░█▀█░░█░░▀▀█░█▀█│ \t│░▀░░░░▀░░▀░░░▀░▀░▀▀▀░▀▀▀░▀░▀│ \t└────────────────────────────┘ \tAuthor: @{} \tVersion: {} """.format(("%s" + __author__ + "%s") % (fg(randint(1, 220)), attr(0)), __version__)) main_menu_options = [("campaigns", "Enter campaigns menu"), ("groups", "Enter groups menu"),
targets_submitted = [] # Lists and dicts for holding prepared report data campaign_results_summary = [] # Output options report_format = None output_word_report = None output_xlsx_report = None xlsx_header_bg_color = "2d80b7" xlsx_header_font_color = "#FFFFFF" # Gain access to GoPhish api_key = 'c21434defd36f0158cb2803b2947cfec1bb0dd52296d9e645c41ecbbf4bdc27c' urllib3.disable_warnings() api = Gophish(api_key, host='https://127.0.0.1:3333/', verify=False) def get_report(user_in): print("do we get here") # Campaign Information campaign = api.campaigns.get(campaign_id=user_in) api.campaigns.complete(user_in) # Mark Campaign as complete cam_name = campaign.name cam_status = campaign.status launch_date = campaign.launch_date completed_date = campaign.completed_date cam_url = campaign.url # Collect SMTP information smtp = campaign.smtp
from gophish import Gophish #Change These! api_key = '' server = "http://GophishIP:port" campaignID = 0 api = Gophish(api_key, host='', verify=False) campaign = api.campaigns.get(campaign_id=campaignID) print("Submitted Data:") for event in campaign.timeline: if event.message == "Submitted Data": time = event.time login = event.details['payload']['login'][0] password = event.details['payload']['password'][0] print(time + "\tLogin:"******"\tPassword:"******"Clicked Link") for event in campaign.timeline: if event.message == "Clicked Link": time = event.time email = event.email print(time + "\tEmail:" + email)
from gophish import Gophish from gophish.models import * from pip._vendor.distlib.compat import raw_input api_key = raw_input("Enter your API Key:\n") host = raw_input("Enter your Host (I.E. https://server.net:3333):\n") api = Gophish(api_key, host=host, verify=False) # Ignore SSL Errors group_name = raw_input("Enter your Target Group:\n") groups = [Group(name=group_name)] page_name = raw_input("Enter the Name of your Landing Page:\n") page = Page(name=page_name) template_name = raw_input("Enter the name of your Template:\n") template = Template(name=template_name) smtp_name = raw_input("Enter the name of your Sending Profile:\n") smtp = SMTP(name=smtp_name) campaign_name = raw_input("Name your campaign!\n") campaign = Campaign(name=campaign_name, groups=groups, page=page, template=template, smtp=smtp) campaign = api.campaigns.post(campaign) print("Your Campaign ID is: " + campaign.id + "\n")
"--vverbose", required=False, help="Switch: very verbose output", action='store_true') args = vars(ap.parse_args()) gophishURL = args["gophish"] if gophishURL[-1] != "/": gophishURL = gophishURL + "/" apikey = args["apikey"] #response = requests.get(gophishURL+"api/campaigns/?api_key="+apikey, verify=False) #data = json.loads(response.text) urllib3.disable_warnings() api = Gophish(apikey, host=gophishURL, verify=False) if args["stats"] is not None: try: campaign = api.campaigns.get(campaign_id=args["stats"]) timeline = campaign.timeline for item in timeline: print(item.email + " | " + item.message) except (Exception, e): print(str(e)) finally: exit() if args["results"] is not None: try: campaign = api.campaigns.get(campaign_id=args["results"])