Fork: 0
0xRoM / GoSMS
Browse code
Initial commit
master
1 parent c4d4483 commit 2354a3e03792489d308d76fa745c8dcc7e69fdea
root authored on 18 May 2019
Patch
Unified Split
Showing 4 changed files
View
114
README.md
GoSMS
<u>GoSMS</u>
===============
 
SMSishing implementation using GoPhish
SMSishing implementation using GoPhish and Trilio SMS gateway
 
<u>Usage</u>
===============
replace email addresses with [mobile no]@gophish.sms where mobile number stats with country code prefix e.g. +44 = UK
 
SMS should contain less than 1600 characters otherwise will be split into multiple SMS's
 
Email template should be plaintext only, not HTML (this should be obvious)
 
non-MMS so dont use tracking image {{.Tracker}} or HTML contents
 
Email Opened - actually means delivered (Response from Trilio API)
 
<u>Setup</u>
===============
Clone this repo into /opt/GoSMS/
 
#Setup Postfix
 
1) Tell Postfix To Use Our Virtual Alias db and virtual domains in **/etc/postfix/main.cf**:
 
virtual_alias_maps = hash:/etc/postfix/virtual_maps, regexp:/etc/postfix/virtual_regexp
virtual_alias_domains=/etc/postfix/virtual_domains
 
2) add domain to **/etc/postfix/virtual_domains**
 
echo "gophish.sms" >> /etc/postfix/virtual_domains
 
3) Redirect the email to a local user by adding to **/etc/postfix/virtual_regexp**:
 
/^([^@]*)@gophish.sms$/ apache@localhost
 
4) Update **/etc/aliases** to redirect email addressed to the local user to a script:
 
apache: "|/usr/bin/php -q /opt/GoSMS/SendSMS.php"
 
5) Rebuild Aliases & Restart Postfix
 
sudo newaliases; sudo postfix reload; sudo service postfix restart
 
 
#setup GoSMS
 
1) Set correct variables in config.php (should be self explanitory)
 
2) Make SMSResponse.php accessible from the web, a couple of ways of doing this:
 
2a) Sore in webserver folder running on different port e.g. /var/www/html/SMSResponse.php with apache running on port 8888
 
2b) run a simple PHP server from the GoSMS directory:
 
php -S 0.0.0.0:8888
 
View
55
SMSResponse.php 0 → 100644
<?php
include('/opt/GoSMS/config.php');
 
if($_REQUEST['SmsStatus'] == "delivered" && isset($_REQUEST['To'])){
$phoneNo = $_REQUEST['To'];
echo "[?] Searching for running campaigns\n";
$curl = new curl();
$curl->url = "$GophishAPIURL/api/campaigns/?api_key=$key";
$list = $curl->curlQuery();
if(isset($list->message) && $list->message == "Invalid API Key"){
echo "[!] Invalid API key\n";
exit(0);
}else{
foreach($list as $id){
if($id['status'] == "In progress"){
echo "[+] Found: ID: ".$id['id']." Name: ".$id['name']."\n";
foreach($id['results'] as $victim){
echo "[?] Searching for victim with $phoneNo\n";
if($victim['email'] == "$phoneNo@gophish.sms"){
echo "[+] Found RID: ".$victim['id']."\n";
echo "[!] Grabbing tracking image\n";
$curl->url = "$PhishURL/track?rid=".$victim['id'];
$list = $curl->curlQuery();
}
}
}
}
}
exit(0);
}
 
class curl {
public function curlQuery() {
$ch = curl_init();
 
curl_setopt($ch, CURLOPT_URL, $this->url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, True);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
//curl_setopt($ch, CURLOPT_VERBOSE, true); // verbose mode for debugging
 
$json = curl_exec($ch);
 
curl_close($ch);
 
$array = json_decode($json, true);
return $array;
}
}
 
?>
View
84
SendSMS.php 0 → 100755
<?php
include('/opt/GoSMS/config.php');
 
$email = file_get_contents("php://stdin");
$lines = explode("\n", $email);
 
$from = "";
$subject = "";
$to = "";
$orig = "";
$headers = "";
$message = "";
$splittingheaders = true;
for ($i=0; $i < count($lines); $i++) {
if ($splittingheaders) {
$headers .= $lines[$i]."\n";
if (preg_match("/^Subject: (.*)/", $lines[$i], $matches)) {
$subject = $matches[1];
}
if (preg_match("/^From: (.*)/", $lines[$i], $matches)) {
$from = $matches[1];
}
if (preg_match("/^To: (.*)/", $lines[$i], $matches)) {
$to = $matches[1];
}
if (preg_match("/^X-Original-To: (.*)/", $lines[$i], $matches)){
$orig = $matches[1];
}
} else {
// not a header, but message
$lines[$i] = str_replace("?rid=3D", "?rid=", $lines[$i]);
if(substr($lines[$i], -1) == "="){
$message .= rtrim($lines[$i], "=");
}else{
$message .= $lines[$i]."\n";
}
}
if (trim($lines[$i])=="") {
$splittingheaders = false;
}
}
 
// Got email and processed, time to send SMS...
 
$orig = str_replace("@gophish.sms", "", $orig);
$url = "https://api.twilio.com/2010-04-01/Accounts/$TwilioID/Messages.json";
$data = array (
'From' => $SMSFrom,
'To' => $orig,
'StatusCallback' => $Callback,
'Body' => $message,
);
$post = http_build_query($data);
$auth = "$TwilioID:$AuthToken";
 
$response = SendSMS($url, $post, $auth);
 
function SendSMS($url,$post=false,$auth=false,$timeout=30) {
$ch = curl_init();
 
curl_setopt($ch, CURLOPT_URL, $url);
if ($post) {
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
}
if($auth)
curl_setopt($ch, CURLOPT_USERPWD, $auth);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch,CURLOPT_ENCODING , "");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0");
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, FALSE);
curl_setopt($ch, CURLOPT_HEADER, false); //debug
curl_setopt($ch, CURLINFO_HEADER_OUT, true); // enable tracking DEBUG
$output=curl_exec($ch);
curl_close($ch);
return $output;
}
 
?>
View
15
config.php 0 → 100644
<?php
 
// Twilio settings
$TwilioID = ""; // Twilio account sid
$SMSFrom = ""; // Twilio mobile no.
$AuthToken = ""; // Twilio auth token
$Callback = "http://example.com:8888/SMSResponse.php"; // URL Twilio can reach to post to SMSResponse.php
 
// Local settings
$GophishAPIURL = ""; // URL of GoPhish API listner e.g. https://www.site.com:8080
$key = ""; // GoPhish API key
$PhishURL = "" // URL of Gophish campaign e.g. https://www.phishingsite.com
 
?>
Buy Me A Coffee