GoStats/README.md at 5a5fe1eb9d270dad6232d452e81cb76006b56315

Fork: 0
0xRoM / GoStats
Find file
Newer
Older
GoStats / README.md
root on 15 Aug 2019 5 KB new stats and update readme to reflect new stats
Raw Blame History
GoStats
===============

Get statistics from GoPhish campaigns

Requirements
===============
Pwdlyser - [https://github.com/ins1gn1a/Pwdlyser](https://github.com/ins1gn1a/Pwdlyser)

Installation and Usage
===============
git clone the repo

    chmod +x ./GoStats.php

Modify **GoStats.php** to contain your gophish URL, API key and path to pwdlyser

    ./GoStats.php

Example Output
===============

    root[/opt/GoStats]: ./GoStats.php
    ╔═╗┌─┐╔═╗┌┬┐┌─┐┌┬┐┌─┐
    ║ ╦│ │╚═╗ │ ├─┤ │ └─┐ v1.0
    ╚═╝└─┘╚═╝ ┴ ┴ ┴ ┴ └─┘
    --help|-h                Shows help message
    --list|-l                List campaigns and their ID's
    --campaign|-c=integer    Get campaign by id
    --dump|-d=string         Dump user:pass list to </path/to/file.txt>
    --training|-t=string     Dump list of users requiring training </path/to/file.txt>
    --all|-a                 All of the below options
    --ips|-i                 Top 10 IP's
    --useragent|-u           Top 10 user agents
    --attempts|-m            Top 10 attempts to log in
    --active|-o              Active times
    --speed|-e               Clickthrough speed
    --stats|-s               Victim statistics
    --pass|-p                Password analysis with pwdlyser

    root[/opt/GoStats]: ./GoStats.php -l
    ╔═╗┌─┐╔═╗┌┬┐┌─┐┌┬┐┌─┐
    ║ ╦│ │╚═╗ │ ├─┤ │ └─┐ v1.0
    ╚═╝└─┘╚═╝ ┴ ┴ ┴ ┴ └─┘
    [+] Getting data from server
    [id] -campaign name-
    [33] Campaign_01
    [60] Campaign_02

    root[/opt/GoStats]: ./GoStats.php -c 60 -a
    ╔═╗┌─┐╔═╗┌┬┐┌─┐┌┬┐┌─┐
    ║ ╦│ │╚═╗ │ ├─┤ │ └─┐ v1.0
    ╚═╝└─┘╚═╝ ┴ ┴ ┴ ┴ └─┘
    [+] Getting data from server
    [60] Campaign_02

    [+] Notable times
    Campaign launched: 16-10-2017 09:28
    First email sent: 16-10-2017 10:20
    Last email sent: 16-10-2017 10:25
    First email opened: 16-10-2017 10:28
    First page view: 16-10-2017 10:28
    First credentials submitted: 16-10-2017 10:29
    Campaign finished: 21-10-2017 10:09

    [+] Top 10 IPs
    [177] 130.***.**.50 - United Kingdom, London
    [96] 212.***.**.69 - France, 
    [41] 86.**.**.2 - United Kingdom, Edgware
    [32] 193.***.**.190 - United Kingdom, 
    [28] 205.***.**.189 - United States, Chesterfield
    [19] 86.***.***.47 - United Kingdom, Gillingham
    [15] 82.**.**.34 - United Kingdom, Bradford-on-Avon
    [14] 24.**.***.62 - United States, New York
    [9] 66.**.**.130 - United States, West Jordan
    [7] 2.**.**.183 - United Kingdom, London

    [+] Top 10 User Agents
    [60] WebClient/1.0
    [32] Mozilla/4.0 (redacted details)
    [30] Mozilla/4.0 (redacted details)
    [29] Mozilla/4.0 (redacted details)
    [26] Mozilla/4.0 (redacted details)
    [26] Mozilla/4.0 (redacted details)
    [22] Mozilla/4.0 (redacted details)
    [20] Mozilla/5.0 (redacted details) Chrome/61.0.3163.100 Safari/537.36
    [18] Mozilla/4.0 (redacted details)
    [16] Mozilla/4.0 (redacted details) AppleWebKit/603.3.8 

    [+] Top 10 Login Attempts
    [19] b**********s@w***n.com
    [12] b***************o@w***n.com
    [8] n*************e@g*********e.com
    [7] c****a@w***n.com
    [7] s***************d@g*********e.com
    [7] e**********r@w***n.com
    [6] c*********m@w***n.com
    [5] d******j@w***n.com
    [3] j********d@a********l.com
    [3] c***********n@a********l.com

    [+] Active times (hour, actions & percent)
     0 -      =  0.00%  |  12 -   28 =  5.47% 
     1 -      =  0.00%  |  13 -   22 =  4.30% 
     2 -      =  0.00%  |  14 -   31 =  6.05% 
     3 -      =  0.00%  |  15 -   25 =  4.88% 
     4 -      =  0.00%  |  16 -   53 = 10.35% 
     5 -    1 =  0.20%  |  17 -    2 =  0.39% 
     6 -    5 =  0.98%  |  18 -   18 =  3.52% 
     7 -    9 =  1.76%  |  19 -    8 =  1.56% 
     8 -   21 =  4.10%  |  20 -      =  0.00% 
     9 -  134 = 26.17%  |  21 -    4 =  0.78% 
    10 -  125 = 24.41%  |  22 -    1 =  0.20% 
    11 -   24 =  4.69%  |  23 -    1 =  0.20% 
    12 -   28 =  5.47%  |  24 -      =  0.00%

    --- Rolling times (clicked link or submitted data) ---
    10/16 9:00 - 9:30 = 6
    10/16 9:30 - 10:00 = 89
    10/16 10:00 - 10:30 = 18
    10/16 10:30 - 11:00 = 19
    10/16 11:00 - 11:30 = 6
    10/16 12:00 - 12:30 = 4
    10/16 12:30 - 13:00 = 1
    10/16 13:00 - 13:30 = 1
    10/16 13:30 - 14:00 = 7
    10/16 14:30 - 15:00 = 5
    10/16 15:00 - 15:30 = 3
    10/16 15:30 - 16:00 = 9
    10/16 16:30 - 17:00 = 1
    10/16 18:00 - 18:30 = 13
    10/16 19:30 - 20:00 = 8
    10/17 6:30 - 7:00 = 2
    10/17 10:00 - 10:30 = 3
    10/17 12:00 - 12:30 = 4
    10/17 16:30 - 17:00 = 23
    10/18 9:30 - 10:00 = 1
    10/18 11:30 - 12:00 = 4
    10/18 16:00 - 16:30 = 4
    10/19 7:30 - 8:00 = 1
    10/19 18:30 - 19:00 = 3

    [+] Clickthrough Speed
    Quickest click: 2 sec
    Longest click: 18 min
    Users clicked < 5 sec: 7
    Users clicked < 30 sec: 11
    Users clicked < 1 min: 16

    [+] Victim Statistics
    Targets: 136
    Email opened: 15 (11.03%)
    Visited link: 20 (14.71%)
    Submitted data: 20 (14.71%)
    Total login attempts: 96

    [+] Password Statistics
    [+] Launching pwdlyzer
    [!] pwdlyzer results at: /tmp/GoStats-VpGHth