Get statistics from GoPhish campaign
Classes | 5 years ago | ||
GoStats.php | 5 years ago | ||
README.md | 5 years ago |
Get statistics from GoPhish campaigns
Pwdlyser - https://github.com/ins1gn1a/Pwdlyser
git clone the repo
chmod +x ./GoStats.php
Modify GoStats.php to contain your gophish URL, API key and path to pwdlyser
./GoStats.php
root[/opt/GoStats]: ./GoStats.php ╔═╗┌─┐╔═╗┌┬┐┌─┐┌┬┐┌─┐ ║ ╦│ │╚═╗ │ ├─┤ │ └─┐ v1.0 ╚═╝└─┘╚═╝ ┴ ┴ ┴ ┴ └─┘ --help|-h Shows help message --list|-l List campaigns and their ID's --campaign|-c=integer Get campaign by id --dump|-d=string Dump user:pass list to </path/to/file.txt> --training|-t=string Dump list of users requiring training </path/to/file.txt> --all|-a All of the below options --ips|-i Top 10 IP's --useragent|-u Top 10 user agents --attempts|-m Top 10 attempts to log in --active|-o Active times --speed|-e Clickthrough speed --stats|-s Victim statistics --pass|-p Password analysis with pwdlyser root[/opt/GoStats]: ./GoStats.php -l ╔═╗┌─┐╔═╗┌┬┐┌─┐┌┬┐┌─┐ ║ ╦│ │╚═╗ │ ├─┤ │ └─┐ v1.0 ╚═╝└─┘╚═╝ ┴ ┴ ┴ ┴ └─┘ [+] Getting data from server [id] -campaign name- [33] Campaign_01 [60] Campaign_02 root[/opt/GoStats]: ./GoStats.php -c 60 -a ╔═╗┌─┐╔═╗┌┬┐┌─┐┌┬┐┌─┐ ║ ╦│ │╚═╗ │ ├─┤ │ └─┐ v1.0 ╚═╝└─┘╚═╝ ┴ ┴ ┴ ┴ └─┘ [+] Getting data from server [60] Campaign_02 [+] Notable times Campaign launched: 16-10-2017 09:28 First email sent: 16-10-2017 10:20 Last email sent: 16-10-2017 10:25 First email opened: 16-10-2017 10:28 First page view: 16-10-2017 10:28 First credentials submitted: 16-10-2017 10:29 Campaign finished: 21-10-2017 10:09 [+] Top 10 IPs [177] 130.***.**.50 - United Kingdom, London [96] 212.***.**.69 - France, [41] 86.**.**.2 - United Kingdom, Edgware [32] 193.***.**.190 - United Kingdom, [28] 205.***.**.189 - United States, Chesterfield [19] 86.***.***.47 - United Kingdom, Gillingham [15] 82.**.**.34 - United Kingdom, Bradford-on-Avon [14] 24.**.***.62 - United States, New York [9] 66.**.**.130 - United States, West Jordan [7] 2.**.**.183 - United Kingdom, London [+] Top 10 User Agents [60] WebClient/1.0 [32] Mozilla/4.0 (redacted details) [30] Mozilla/4.0 (redacted details) [29] Mozilla/4.0 (redacted details) [26] Mozilla/4.0 (redacted details) [26] Mozilla/4.0 (redacted details) [22] Mozilla/4.0 (redacted details) [20] Mozilla/5.0 (redacted details) Chrome/61.0.3163.100 Safari/537.36 [18] Mozilla/4.0 (redacted details) [16] Mozilla/4.0 (redacted details) AppleWebKit/603.3.8 [+] Top 10 Login Attempts [19] b**********s@w***n.com [12] b***************o@w***n.com [8] n*************e@g*********e.com [7] c****a@w***n.com [7] s***************d@g*********e.com [7] e**********r@w***n.com [6] c*********m@w***n.com [5] d******j@w***n.com [3] j********d@a********l.com [3] c***********n@a********l.com [+] Active times (hour, actions & percent) 0 - = 0.00% | 12 - 28 = 5.47% 1 - = 0.00% | 13 - 22 = 4.30% 2 - = 0.00% | 14 - 31 = 6.05% 3 - = 0.00% | 15 - 25 = 4.88% 4 - = 0.00% | 16 - 53 = 10.35% 5 - 1 = 0.20% | 17 - 2 = 0.39% 6 - 5 = 0.98% | 18 - 18 = 3.52% 7 - 9 = 1.76% | 19 - 8 = 1.56% 8 - 21 = 4.10% | 20 - = 0.00% 9 - 134 = 26.17% | 21 - 4 = 0.78% 10 - 125 = 24.41% | 22 - 1 = 0.20% 11 - 24 = 4.69% | 23 - 1 = 0.20% 12 - 28 = 5.47% | 24 - = 0.00% --- Rolling times (clicked link or submitted data) --- 10/16 9:00 - 9:30 = 6 10/16 9:30 - 10:00 = 89 10/16 10:00 - 10:30 = 18 10/16 10:30 - 11:00 = 19 10/16 11:00 - 11:30 = 6 10/16 12:00 - 12:30 = 4 10/16 12:30 - 13:00 = 1 10/16 13:00 - 13:30 = 1 10/16 13:30 - 14:00 = 7 10/16 14:30 - 15:00 = 5 10/16 15:00 - 15:30 = 3 10/16 15:30 - 16:00 = 9 10/16 16:30 - 17:00 = 1 10/16 18:00 - 18:30 = 13 10/16 19:30 - 20:00 = 8 10/17 6:30 - 7:00 = 2 10/17 10:00 - 10:30 = 3 10/17 12:00 - 12:30 = 4 10/17 16:30 - 17:00 = 23 10/18 9:30 - 10:00 = 1 10/18 11:30 - 12:00 = 4 10/18 16:00 - 16:30 = 4 10/19 7:30 - 8:00 = 1 10/19 18:30 - 19:00 = 3 [+] Clickthrough Speed Quickest click: 2 sec Longest click: 18 min Users clicked < 5 sec: 7 Users clicked < 30 sec: 11 Users clicked < 1 min: 16 [+] Victim Statistics Targets: 136 Email opened: 15 (11.03%) Visited link: 20 (14.71%) Submitted data: 20 (14.71%) Total login attempts: 96 [+] Password Statistics [+] Launching pwdlyzer [!] pwdlyzer results at: /tmp/GoStats-VpGHth