diff --git a/README.md b/README.md
index a37f455..2e0c57f 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,58 @@
-GoSMS
+GoSMS
===============
-SMSishing implementation using GoPhish
\ No newline at end of file
+SMSishing implementation using GoPhish and Trilio SMS gateway
+
+Usage
+===============
+replace email addresses with [mobile no]@gophish.sms where mobile number stats with country code prefix e.g. +44 = UK
+
+SMS should contain less than 1600 characters otherwise will be split into multiple SMS's
+
+Email template should be plaintext only, not HTML (this should be obvious)
+
+non-MMS so dont use tracking image {{.Tracker}} or HTML contents
+
+Email Opened - actually means delivered (Response from Trilio API)
+
+Setup
+===============
+Clone this repo into /opt/GoSMS/
+
+#Setup Postfix
+
+1) Tell Postfix To Use Our Virtual Alias db and virtual domains in **/etc/postfix/main.cf**:
+
+ virtual_alias_maps = hash:/etc/postfix/virtual_maps, regexp:/etc/postfix/virtual_regexp
+ virtual_alias_domains=/etc/postfix/virtual_domains
+
+2) add domain to **/etc/postfix/virtual_domains**
+
+ echo "gophish.sms" >> /etc/postfix/virtual_domains
+
+3) Redirect the email to a local user by adding to **/etc/postfix/virtual_regexp**:
+
+ /^([^@]*)@gophish.sms$/ apache@localhost
+
+4) Update **/etc/aliases** to redirect email addressed to the local user to a script:
+
+ apache: "|/usr/bin/php -q /opt/GoSMS/SendSMS.php"
+
+5) Rebuild Aliases & Restart Postfix
+
+ sudo newaliases; sudo postfix reload; sudo service postfix restart
+
+
+#setup GoSMS
+
+1) Set correct variables in config.php (should be self explanitory)
+
+2) Make SMSResponse.php accessible from the web, a couple of ways of doing this:
+
+2a) Sore in webserver folder running on different port e.g. /var/www/html/SMSResponse.php with apache running on port 8888
+
+2b) run a simple PHP server from the GoSMS directory:
+
+ php -S 0.0.0.0:8888
+
+
diff --git a/README.md b/README.md
index a37f455..2e0c57f 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,58 @@
-GoSMS
+GoSMS
===============
-SMSishing implementation using GoPhish
\ No newline at end of file
+SMSishing implementation using GoPhish and Trilio SMS gateway
+
+Usage
+===============
+replace email addresses with [mobile no]@gophish.sms where mobile number stats with country code prefix e.g. +44 = UK
+
+SMS should contain less than 1600 characters otherwise will be split into multiple SMS's
+
+Email template should be plaintext only, not HTML (this should be obvious)
+
+non-MMS so dont use tracking image {{.Tracker}} or HTML contents
+
+Email Opened - actually means delivered (Response from Trilio API)
+
+Setup
+===============
+Clone this repo into /opt/GoSMS/
+
+#Setup Postfix
+
+1) Tell Postfix To Use Our Virtual Alias db and virtual domains in **/etc/postfix/main.cf**:
+
+ virtual_alias_maps = hash:/etc/postfix/virtual_maps, regexp:/etc/postfix/virtual_regexp
+ virtual_alias_domains=/etc/postfix/virtual_domains
+
+2) add domain to **/etc/postfix/virtual_domains**
+
+ echo "gophish.sms" >> /etc/postfix/virtual_domains
+
+3) Redirect the email to a local user by adding to **/etc/postfix/virtual_regexp**:
+
+ /^([^@]*)@gophish.sms$/ apache@localhost
+
+4) Update **/etc/aliases** to redirect email addressed to the local user to a script:
+
+ apache: "|/usr/bin/php -q /opt/GoSMS/SendSMS.php"
+
+5) Rebuild Aliases & Restart Postfix
+
+ sudo newaliases; sudo postfix reload; sudo service postfix restart
+
+
+#setup GoSMS
+
+1) Set correct variables in config.php (should be self explanitory)
+
+2) Make SMSResponse.php accessible from the web, a couple of ways of doing this:
+
+2a) Sore in webserver folder running on different port e.g. /var/www/html/SMSResponse.php with apache running on port 8888
+
+2b) run a simple PHP server from the GoSMS directory:
+
+ php -S 0.0.0.0:8888
+
+
diff --git a/SMSResponse.php b/SMSResponse.php
new file mode 100644
index 0000000..2ec7344
--- /dev/null
+++ b/SMSResponse.php
@@ -0,0 +1,55 @@
+url = "$GophishAPIURL/api/campaigns/?api_key=$key";
+ $list = $curl->curlQuery();
+
+ if(isset($list->message) && $list->message == "Invalid API Key"){
+ echo "[!] Invalid API key\n";
+ exit(0);
+ }else{
+ foreach($list as $id){
+ if($id['status'] == "In progress"){
+ echo "[+] Found: ID: ".$id['id']." Name: ".$id['name']."\n";
+ foreach($id['results'] as $victim){
+ echo "[?] Searching for victim with $phoneNo\n";
+ if($victim['email'] == "$phoneNo@gophish.sms"){
+ echo "[+] Found RID: ".$victim['id']."\n";
+ echo "[!] Grabbing tracking image\n";
+ $curl->url = "$PhishURL/track?rid=".$victim['id'];
+ $list = $curl->curlQuery();
+ }
+ }
+ }
+
+ }
+ }
+ exit(0);
+}
+
+class curl {
+ public function curlQuery() {
+ $ch = curl_init();
+
+ curl_setopt($ch, CURLOPT_URL, $this->url);
+ curl_setopt($ch, CURLOPT_HEADER, 0);
+ curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, True);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+ //curl_setopt($ch, CURLOPT_VERBOSE, true); // verbose mode for debugging
+
+ $json = curl_exec($ch);
+
+ curl_close($ch);
+
+ $array = json_decode($json, true);
+ return $array;
+ }
+}
+
+?>
\ No newline at end of file
diff --git a/README.md b/README.md
index a37f455..2e0c57f 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,58 @@
-GoSMS
+GoSMS
===============
-SMSishing implementation using GoPhish
\ No newline at end of file
+SMSishing implementation using GoPhish and Trilio SMS gateway
+
+Usage
+===============
+replace email addresses with [mobile no]@gophish.sms where mobile number stats with country code prefix e.g. +44 = UK
+
+SMS should contain less than 1600 characters otherwise will be split into multiple SMS's
+
+Email template should be plaintext only, not HTML (this should be obvious)
+
+non-MMS so dont use tracking image {{.Tracker}} or HTML contents
+
+Email Opened - actually means delivered (Response from Trilio API)
+
+Setup
+===============
+Clone this repo into /opt/GoSMS/
+
+#Setup Postfix
+
+1) Tell Postfix To Use Our Virtual Alias db and virtual domains in **/etc/postfix/main.cf**:
+
+ virtual_alias_maps = hash:/etc/postfix/virtual_maps, regexp:/etc/postfix/virtual_regexp
+ virtual_alias_domains=/etc/postfix/virtual_domains
+
+2) add domain to **/etc/postfix/virtual_domains**
+
+ echo "gophish.sms" >> /etc/postfix/virtual_domains
+
+3) Redirect the email to a local user by adding to **/etc/postfix/virtual_regexp**:
+
+ /^([^@]*)@gophish.sms$/ apache@localhost
+
+4) Update **/etc/aliases** to redirect email addressed to the local user to a script:
+
+ apache: "|/usr/bin/php -q /opt/GoSMS/SendSMS.php"
+
+5) Rebuild Aliases & Restart Postfix
+
+ sudo newaliases; sudo postfix reload; sudo service postfix restart
+
+
+#setup GoSMS
+
+1) Set correct variables in config.php (should be self explanitory)
+
+2) Make SMSResponse.php accessible from the web, a couple of ways of doing this:
+
+2a) Sore in webserver folder running on different port e.g. /var/www/html/SMSResponse.php with apache running on port 8888
+
+2b) run a simple PHP server from the GoSMS directory:
+
+ php -S 0.0.0.0:8888
+
+
diff --git a/SMSResponse.php b/SMSResponse.php
new file mode 100644
index 0000000..2ec7344
--- /dev/null
+++ b/SMSResponse.php
@@ -0,0 +1,55 @@
+url = "$GophishAPIURL/api/campaigns/?api_key=$key";
+ $list = $curl->curlQuery();
+
+ if(isset($list->message) && $list->message == "Invalid API Key"){
+ echo "[!] Invalid API key\n";
+ exit(0);
+ }else{
+ foreach($list as $id){
+ if($id['status'] == "In progress"){
+ echo "[+] Found: ID: ".$id['id']." Name: ".$id['name']."\n";
+ foreach($id['results'] as $victim){
+ echo "[?] Searching for victim with $phoneNo\n";
+ if($victim['email'] == "$phoneNo@gophish.sms"){
+ echo "[+] Found RID: ".$victim['id']."\n";
+ echo "[!] Grabbing tracking image\n";
+ $curl->url = "$PhishURL/track?rid=".$victim['id'];
+ $list = $curl->curlQuery();
+ }
+ }
+ }
+
+ }
+ }
+ exit(0);
+}
+
+class curl {
+ public function curlQuery() {
+ $ch = curl_init();
+
+ curl_setopt($ch, CURLOPT_URL, $this->url);
+ curl_setopt($ch, CURLOPT_HEADER, 0);
+ curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, True);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+ //curl_setopt($ch, CURLOPT_VERBOSE, true); // verbose mode for debugging
+
+ $json = curl_exec($ch);
+
+ curl_close($ch);
+
+ $array = json_decode($json, true);
+ return $array;
+ }
+}
+
+?>
\ No newline at end of file
diff --git a/SendSMS.php b/SendSMS.php
new file mode 100755
index 0000000..3f510f3
--- /dev/null
+++ b/SendSMS.php
@@ -0,0 +1,83 @@
+ $SMSFrom,
+ 'To' => $orig,
+ 'StatusCallback' => $Callback,
+ 'Body' => $message,
+);
+$post = http_build_query($data);
+$auth = "$TwilioID:$AuthToken";
+
+$response = SendSMS($url, $post, $auth);
+
+function SendSMS($url,$post=false,$auth=false,$timeout=30) {
+ $ch = curl_init();
+
+ curl_setopt($ch, CURLOPT_URL, $url);
+ if ($post) {
+ curl_setopt($ch, CURLOPT_POST, 1);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
+ }
+ if($auth)
+ curl_setopt($ch, CURLOPT_USERPWD, $auth);
+ curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
+ curl_setopt($ch,CURLOPT_ENCODING , "");
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+ curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0");
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, FALSE);
+ curl_setopt($ch, CURLOPT_HEADER, false); //debug
+ curl_setopt($ch, CURLINFO_HEADER_OUT, true); // enable tracking DEBUG
+ $output=curl_exec($ch);
+
+ curl_close($ch);
+ return $output;
+}
+
+?>
diff --git a/README.md b/README.md
index a37f455..2e0c57f 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,58 @@
-GoSMS
+GoSMS
===============
-SMSishing implementation using GoPhish
\ No newline at end of file
+SMSishing implementation using GoPhish and Trilio SMS gateway
+
+Usage
+===============
+replace email addresses with [mobile no]@gophish.sms where mobile number stats with country code prefix e.g. +44 = UK
+
+SMS should contain less than 1600 characters otherwise will be split into multiple SMS's
+
+Email template should be plaintext only, not HTML (this should be obvious)
+
+non-MMS so dont use tracking image {{.Tracker}} or HTML contents
+
+Email Opened - actually means delivered (Response from Trilio API)
+
+Setup
+===============
+Clone this repo into /opt/GoSMS/
+
+#Setup Postfix
+
+1) Tell Postfix To Use Our Virtual Alias db and virtual domains in **/etc/postfix/main.cf**:
+
+ virtual_alias_maps = hash:/etc/postfix/virtual_maps, regexp:/etc/postfix/virtual_regexp
+ virtual_alias_domains=/etc/postfix/virtual_domains
+
+2) add domain to **/etc/postfix/virtual_domains**
+
+ echo "gophish.sms" >> /etc/postfix/virtual_domains
+
+3) Redirect the email to a local user by adding to **/etc/postfix/virtual_regexp**:
+
+ /^([^@]*)@gophish.sms$/ apache@localhost
+
+4) Update **/etc/aliases** to redirect email addressed to the local user to a script:
+
+ apache: "|/usr/bin/php -q /opt/GoSMS/SendSMS.php"
+
+5) Rebuild Aliases & Restart Postfix
+
+ sudo newaliases; sudo postfix reload; sudo service postfix restart
+
+
+#setup GoSMS
+
+1) Set correct variables in config.php (should be self explanitory)
+
+2) Make SMSResponse.php accessible from the web, a couple of ways of doing this:
+
+2a) Sore in webserver folder running on different port e.g. /var/www/html/SMSResponse.php with apache running on port 8888
+
+2b) run a simple PHP server from the GoSMS directory:
+
+ php -S 0.0.0.0:8888
+
+
diff --git a/SMSResponse.php b/SMSResponse.php
new file mode 100644
index 0000000..2ec7344
--- /dev/null
+++ b/SMSResponse.php
@@ -0,0 +1,55 @@
+url = "$GophishAPIURL/api/campaigns/?api_key=$key";
+ $list = $curl->curlQuery();
+
+ if(isset($list->message) && $list->message == "Invalid API Key"){
+ echo "[!] Invalid API key\n";
+ exit(0);
+ }else{
+ foreach($list as $id){
+ if($id['status'] == "In progress"){
+ echo "[+] Found: ID: ".$id['id']." Name: ".$id['name']."\n";
+ foreach($id['results'] as $victim){
+ echo "[?] Searching for victim with $phoneNo\n";
+ if($victim['email'] == "$phoneNo@gophish.sms"){
+ echo "[+] Found RID: ".$victim['id']."\n";
+ echo "[!] Grabbing tracking image\n";
+ $curl->url = "$PhishURL/track?rid=".$victim['id'];
+ $list = $curl->curlQuery();
+ }
+ }
+ }
+
+ }
+ }
+ exit(0);
+}
+
+class curl {
+ public function curlQuery() {
+ $ch = curl_init();
+
+ curl_setopt($ch, CURLOPT_URL, $this->url);
+ curl_setopt($ch, CURLOPT_HEADER, 0);
+ curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, True);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+ //curl_setopt($ch, CURLOPT_VERBOSE, true); // verbose mode for debugging
+
+ $json = curl_exec($ch);
+
+ curl_close($ch);
+
+ $array = json_decode($json, true);
+ return $array;
+ }
+}
+
+?>
\ No newline at end of file
diff --git a/SendSMS.php b/SendSMS.php
new file mode 100755
index 0000000..3f510f3
--- /dev/null
+++ b/SendSMS.php
@@ -0,0 +1,83 @@
+ $SMSFrom,
+ 'To' => $orig,
+ 'StatusCallback' => $Callback,
+ 'Body' => $message,
+);
+$post = http_build_query($data);
+$auth = "$TwilioID:$AuthToken";
+
+$response = SendSMS($url, $post, $auth);
+
+function SendSMS($url,$post=false,$auth=false,$timeout=30) {
+ $ch = curl_init();
+
+ curl_setopt($ch, CURLOPT_URL, $url);
+ if ($post) {
+ curl_setopt($ch, CURLOPT_POST, 1);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
+ }
+ if($auth)
+ curl_setopt($ch, CURLOPT_USERPWD, $auth);
+ curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
+ curl_setopt($ch,CURLOPT_ENCODING , "");
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+ curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0");
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, FALSE);
+ curl_setopt($ch, CURLOPT_HEADER, false); //debug
+ curl_setopt($ch, CURLINFO_HEADER_OUT, true); // enable tracking DEBUG
+ $output=curl_exec($ch);
+
+ curl_close($ch);
+ return $output;
+}
+
+?>
diff --git a/config.php b/config.php
new file mode 100644
index 0000000..97ee336
--- /dev/null
+++ b/config.php
@@ -0,0 +1,14 @@
+