| |
---|
| | * Configuration Settings - CHANGE THESE |
---|
| | */ |
---|
| | $url = ""; // URL of GoPhish listner e.g. http://www.site.com:8080/ |
---|
| | $key = ""; // GoPhish API key |
---|
| | $pwd = "/opt/Pwdlyser/"; // /directory/containing/pwdlyser |
---|
| | $geoip = true; // use freegeoip.net on IP addresses? set to false to disable this. |
---|
| | $pwd = "/opt/pwdlyser/"; // /directory/containing/pwdlyser |
---|
| | $geoip = false; // use freegeoip.net on IP addresses? set to false to disable this. |
---|
| | $formUsername = "username"; // username name of landing page form input box |
---|
| | $formPassword = "password"; // password name of landing page form input box |
---|
| | |
---|
| | |
---|
| | /*** |
---|
| | * Main program - Don't edit below |
---|
| | */ |
---|
| |
---|
| | "ips|i" => "Top 10 IP's", |
---|
| | "useragent|u" => "Top 10 user agents", |
---|
| | "attempts|m" => "Top 10 attempts to log in", |
---|
| | "active|o" => "Active times", |
---|
| | "rolling|r" => "Activities per half hour", |
---|
| | "speed|e" => "Clickthrough speed", |
---|
| | "stats|s" => "Victim statistics", |
---|
| | "pass|p" => "Password analysis with pwdlyser", |
---|
| | ) |
---|
| |
---|
| | } |
---|
| | |
---|
| | /* Get list of campaigns */ |
---|
| | if ($filter->getParam("list") !== false) { |
---|
| | echo "[+] Getting data from server\n"; |
---|
| | $curl = new curl(); |
---|
| | echo "[+] Getting data from server\n"; |
---|
| | $curl = new curl(); |
---|
| | $curl->url = "$url/api/campaigns/?api_key=$key"; |
---|
| | $list = $curl->curlQuery(); |
---|
| | |
---|
| | if(isset($list->message) && $list->message == "Invalid API Key"){ |
---|
| | echo "[!] Invalid API key\n"; |
---|
| | exit(0); |
---|
| | echo "[!] Invalid API key\n"; |
---|
| | exit(0); |
---|
| | }else{ |
---|
| | echo "[id] -campaign name-\n"; |
---|
| | foreach($list as $id) |
---|
| | echo "[".$id['id']."] ".$id['name']."\n"; |
---|
| | echo "[id] -campaign name-\n"; |
---|
| | foreach($list as $id) |
---|
| | echo "[".$id['id']."] ".$id['name']."\n"; |
---|
| | } |
---|
| | exit(0); |
---|
| | } |
---|
| | |
---|
| |
---|
| | if ($campid == null || !is_numeric($campid)) { |
---|
| | echo "[!] Campaign ID not set\nn"; |
---|
| | exit(0); |
---|
| | }else{ |
---|
| | echo "[+] Getting data from server\n"; |
---|
| | $curl = new curl(); |
---|
| | echo "[+] Getting data from server\n"; |
---|
| | $curl = new curl(); |
---|
| | $curl->url = "$url/api/campaigns/$campid?api_key=$key"; |
---|
| | $list = $curl->curlQuery(); |
---|
| | if(isset($list->message) && $list->message == "Invalid API Key"){ |
---|
| | echo "[!] Invalid API key\n"; |
---|
| | exit(0); |
---|
| | echo "[!] Invalid API key\n"; |
---|
| | exit(0); |
---|
| | }else{ |
---|
| | /* all data got correctly time to do stuff! */ |
---|
| | echo "[$campid] ".$list['name']."\n"; |
---|
| | echo "\n--- Notable times ---\n"; |
---|
| | /* all data got correctly time to do stuff! */ |
---|
| | echo "[$campid] ".$list['name']."\n"; |
---|
| | echo "\n--- Notable times ---\n"; |
---|
| | |
---|
| | if(isset($list['launch_date']) && $list['launch_date'] <> ""){ |
---|
| | $time = date('d-m-Y H:i', $datetime = strtotime(substr($list['launch_date'], 0, 10) . ' ' . substr($list['launch_date'], 11, 8 ))); |
---|
| | echo "Campaign launched: $time\n"; |
---|
| | } |
---|
| | |
---|
| | foreach($list['timeline'] as $record){ |
---|
| | if($record['message'] == "Email Sent"){ |
---|
| | $time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 ))); |
---|
| | echo "First email sent: $time\n"; |
---|
| | break; |
---|
| | } |
---|
| | } |
---|
| | foreach($list['timeline'] as $record){ |
---|
| | if($record['message'] == "Email Sent"){ |
---|
| | $time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 ))); |
---|
| | echo "First email sent: $time\n"; |
---|
| | break; |
---|
| | } |
---|
| | } |
---|
| | foreach($list['timeline'] as $record){ |
---|
| | if($record['message'] == "Email Sent"){ |
---|
| | $time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 ))); |
---|
| | } |
---|
| | } |
---|
| | echo "Last email sent:: $time\n"; |
---|
| | foreach($list['timeline'] as $record){ |
---|
| | if($record['message'] == "Clicked Link"){ |
---|
| | $time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 ))); |
---|
| | echo "First email opened: $time\n"; |
---|
| | break; |
---|
| | } |
---|
| | } |
---|
| | foreach($list['timeline'] as $record){ |
---|
| | if($record['message'] == "Clicked Link"){ |
---|
| | $time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 ))); |
---|
| | echo "First page view: $time\n"; |
---|
| | break; |
---|
| | } |
---|
| | } |
---|
| | foreach($list['timeline'] as $record){ |
---|
| | if($record['message'] == "Submitted Data"){ |
---|
| | $time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 ))); |
---|
| | echo "First credentials submitted: $time\n"; |
---|
| | break; |
---|
| | } |
---|
| | } |
---|
| | echo "Last email sent: $time\n"; |
---|
| | foreach($list['timeline'] as $record){ |
---|
| | if($record['message'] == "Clicked Link"){ |
---|
| | $time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 ))); |
---|
| | echo "First email opened: $time\n"; |
---|
| | break; |
---|
| | } |
---|
| | } |
---|
| | foreach($list['timeline'] as $record){ |
---|
| | if($record['message'] == "Clicked Link"){ |
---|
| | $time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 ))); |
---|
| | echo "First page view: $time\n"; |
---|
| | break; |
---|
| | } |
---|
| | } |
---|
| | foreach($list['timeline'] as $record){ |
---|
| | if($record['message'] == "Submitted Data"){ |
---|
| | $time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 ))); |
---|
| | echo "First credentials submitted: $time\n"; |
---|
| | break; |
---|
| | } |
---|
| | } |
---|
| | if(isset($list['completed_date']) && $list['completed_date'] <> ""){ |
---|
| | $time = date('d-m-Y H:i', $datetime = strtotime(substr($list['completed_date'], 0, 10) . ' ' . substr($list['completed_date'], 11, 8 ))); |
---|
| | echo "Campaign finished: $time\n"; |
---|
| | } |
---|
| |
---|
| | /* Top 10 IP's */ |
---|
| | if ($filter->getParam("ips") !== false || $filter->getParam("all") !== false) { |
---|
| | $ips = array(); |
---|
| | foreach($list['timeline'] as $item){ |
---|
| | if($item['details'] <> ""){ |
---|
| | $details = json_decode($item['details'], true); |
---|
| | if($details['browser']['address'] !== "unknown") |
---|
| | $ips[] = (string)$details['browser']['address']; |
---|
| | } |
---|
| | if($item['details'] <> ""){ |
---|
| | $details = json_decode($item['details'], true); |
---|
| | if($details['browser']['address'] !== "unknown") |
---|
| | $ips[] = (string)$details['browser']['address']; |
---|
| | } |
---|
| | } |
---|
| | $ips = array_count_values($ips); |
---|
| | arsort($ips); |
---|
| | $ips = array_slice($ips,0,10,true); |
---|
| |
---|
| | $geojson = file_get_contents("http://freegeoip.net/json/$ip"); |
---|
| | $geodetails = json_decode($geojson, true); |
---|
| | $geoip_details = "- ".$geodetails['country_name'].", ".$geodetails['city']; |
---|
| | } |
---|
| | echo "[$no] $ip $geoip_details\n"; |
---|
| | echo "[$no] $ip $geoip_details\n"; |
---|
| | } |
---|
| | } |
---|
| | |
---|
| | /* Top 10 user agent's */ |
---|
| | if ($filter->getParam("useragent") !== false || $filter->getParam("all") !== false) { |
---|
| | $agents = array(); |
---|
| | foreach($list['timeline'] as $item){ |
---|
| | if($item['details'] <> "" && $item['message'] == "Clicked Link"){ // only people who visited site, not email user agent |
---|
| | $details = json_decode($item['details'], true); |
---|
| | if($details['browser']['user-agent'] !== "unknown" && $details['browser']['user-agent'] !== "") |
---|
| | $agents[] = (string)$details['browser']['user-agent']; |
---|
| | } |
---|
| | if($item['details'] <> "" && $item['message'] == "Clicked Link"){ // only people who visited site, not email user agent |
---|
| | $details = json_decode($item['details'], true); |
---|
| | if($details['browser']['user-agent'] !== "unknown" && $details['browser']['user-agent'] !== "") |
---|
| | $agents[] = (string)$details['browser']['user-agent']; |
---|
| | } |
---|
| | } |
---|
| | $agents = array_count_values($agents); |
---|
| | arsort($agents); |
---|
| | $agents = array_slice($agents,0,10,true); |
---|
| | echo "\n--- Top 10 User Agents ---\n"; |
---|
| | foreach($agents as $ua=>$no){ |
---|
| | echo "[$no] $ua\n"; |
---|
| | echo "[$no] $ua\n"; |
---|
| | } |
---|
| | } |
---|
| | |
---|
| | /* Top 10 attempts to log in */ |
---|
| | if($filter->getParam("attempts") !== false || $filter->getParam("all") !== false) { |
---|
| | $userids = array(); |
---|
| | foreach($list['results'] as $item){ |
---|
| | $userids[$item['id']] = $item['email']; |
---|
| | $userids = array(); |
---|
| | foreach($list['results'] as $item){ |
---|
| | $userids[$item['id']] = $item['email']; |
---|
| | } |
---|
| | |
---|
| | $attemptrids = array(); |
---|
| | foreach($list['timeline'] as $item){ |
---|
| | if($item['details'] <> ""){ |
---|
| | $details = json_decode($item['details'], true); |
---|
| | if(isset($details['payload']['password'][0]) && $details['payload']['password'][0] <> ""){ |
---|
| | $attemptrids[$details['payload']['rid'][0]] += 1; |
---|
| | } |
---|
| | } |
---|
| | $attemptrids = array(); |
---|
| | foreach($list['timeline'] as $item){ |
---|
| | if($item['details'] <> ""){ |
---|
| | $details = json_decode($item['details'], true); |
---|
| | if(isset($details['payload'][$formPassword][0]) && $details['payload'][$formPassword][0] <> ""){ |
---|
| | $attemptrids[$details['payload']['rid'][0]] += 1; |
---|
| | } |
---|
| | } |
---|
| | } |
---|
| | arsort($attemptrids); |
---|
| | $attemptrids = array_slice($attemptrids,0,10,true); |
---|
| | echo "\n--- Top 10 Login Attempts ---\n"; |
---|
| | foreach($attemptrids as $id=>$amount){ |
---|
| | $newemail= preg_replace('/(?:^|.@).\K|.\.[^@]*$(*SKIP)(*F)|.(?=.*?\.)/', '*', $userids[$id]); |
---|
| | echo "[$amount] $newemail\n"; |
---|
| | } |
---|
| | //$newemail= preg_replace('/(?:^|.@).\K|.\.[^@]*$(*SKIP)(*F)|.(?=.*?\.)/', '*', $userids[$id]); |
---|
| | //echo "[$amount] $newemail\n"; |
---|
| | echo "[$amount] $userids[$id]\n"; |
---|
| | } |
---|
| | } |
---|
| | |
---|
| | /* Active times */ |
---|
| | if($filter->getParam("active") !== false || $filter->getParam("all") !== false) { |
---|
| |
---|
| | $percent2 = str_pad($percent2, 5, " ", STR_PAD_LEFT); |
---|
| | |
---|
| | echo "$iDsp - $user1 = $percent1% | $j - $user2 = $percent2% \n"; |
---|
| | } |
---|
| | } |
---|
| | |
---|
| | /* Rolling times */ |
---|
| | if($filter->getParam("rolling") !== false || $filter->getParam("all") !== false) { |
---|
| | $active_count = array(); |
---|
| | $active_percent = array(); |
---|
| | $total = 0; |
---|
| | echo "\n--- Rolling times (clicked link or submitted data) ---\n"; |
---|
| | foreach($list['timeline'] as $item){ |
---|
| | if($item['message'] == "Clicked Link" || $item['message'] == "Submitted Data" ){ |
---|
| | $month = (int)substr($item['time'], 5, 2); |
---|
| | $day = (int)substr($item['time'], 8, 2); |
---|
| | $hour = (int)substr($item['time'], 11, 2); |
---|
| | $min = (int)substr($item['time'], 14, 2); |
---|
| | $min = ($min < 30 ? "00" : 30); |
---|
| | $hour2 = $hour; |
---|
| | $min2 = $min; |
---|
| | if($min == 30){$hour2++; $min2 = "00";}else{$min2 = 30;} |
---|
| | $active_count[$month."/".$day." ".$hour.":".$min." - ".$hour2.":".$min2]++; |
---|
| | $total++; |
---|
| | } |
---|
| | |
---|
| | } |
---|
| | foreach($active_count as $id => $count) |
---|
| | echo "$id = $count\n"; |
---|
| | } |
---|
| | |
---|
| | /* Clickthrough speed */ |
---|
| | if ($filter->getParam("speed") !== false || $filter->getParam("all") !== false) { |
---|
| |
---|
| | } |
---|
| | |
---|
| | /* Victim statistics */ |
---|
| | if ($filter->getParam("stats") !== false || $filter->getParam("all") !== false) { |
---|
| | $status = array(); |
---|
| | foreach($list['results'] as $item){ |
---|
| | if($item['status'] <> ""){ |
---|
| | $status[] = $item['status']; |
---|
| | } |
---|
| | } |
---|
| | echo "\n--- Victim Statistics ---\n"; |
---|
| | $statusall = count($status); |
---|
| | $counts = array_count_values($status); |
---|
| | echo "Targets: ".$statusall."\n"; |
---|
| | $openedpercent = ($counts['Email Opened'] / $statusall) * 100; |
---|
| | echo "Email opened: ".$counts['Email Opened']." (".round($openedpercent, 2)."%)\n"; |
---|
| | $linkpercent = ($counts['Clicked Link'] / $statusall) * 100; |
---|
| | echo "Visited link: ".$counts['Clicked Link']." (".round($linkpercent, 2)."%)\n"; |
---|
| | $subpercent = ($counts['Submitted Data'] / $statusall) * 100; |
---|
| | echo "Submitted data: ".$counts['Submitted Data']." (".round($subpercent, 2)."%)\n"; |
---|
| | foreach($list['timeline'] as $item){ |
---|
| | if($item['details'] <> ""){ |
---|
| | $details = json_decode($item['details'], true); |
---|
| | if($details['payload']['password'][0] <> "") |
---|
| | $totalLoginAttempts++; |
---|
| | } |
---|
| | } |
---|
| | $status = array(); |
---|
| | foreach($list['results'] as $item){ |
---|
| | if($item['status'] <> ""){ |
---|
| | $status[] = $item['status']; |
---|
| | } |
---|
| | } |
---|
| | echo "\n--- Victim Statistics ---\n"; |
---|
| | $statusall = count($status); |
---|
| | $counts = array_count_values($status); |
---|
| | echo "Targets: ".$statusall."\n"; |
---|
| | $openedpercent = ($counts['Email Opened'] / $statusall) * 100; |
---|
| | echo "Email opened: ".$counts['Email Opened']." (".round($openedpercent, 2)."%)\n"; |
---|
| | $linkpercent = ($counts['Clicked Link'] / $statusall) * 100; |
---|
| | echo "Visited link: ".$counts['Clicked Link']." (".round($linkpercent, 2)."%)\n"; |
---|
| | $subpercent = ($counts['Submitted Data'] / $statusall) * 100; |
---|
| | echo "Submitted data: ".$counts['Submitted Data']." (".round($subpercent, 2)."%)\n"; |
---|
| | foreach($list['timeline'] as $item){ |
---|
| | if($item['details'] <> ""){ |
---|
| | $details = json_decode($item['details'], true); |
---|
| | if($details['payload'][$formPassword][0] <> "") |
---|
| | $totalLoginAttempts++; |
---|
| | } |
---|
| | } |
---|
| | echo "Total login attempts: $totalLoginAttempts\n"; |
---|
| | } |
---|
| | |
---|
| | /* Pwdlyzer */ |
---|
| | if ($filter->getParam("pass") !== false || $filter->getParam("all") !== false) { |
---|
| | $username = array(); |
---|
| | $password = array(); |
---|
| | echo "\n--- Password Statistics ---\n"; |
---|
| | foreach($list['timeline'] as $item){ |
---|
| | if($item['details'] <> ""){ |
---|
| | $details = json_decode($item['details'], true); |
---|
| | if($details['payload']['password'][0] <> ""){ |
---|
| | $username[] = $details['payload']['username'][0]; |
---|
| | $password[] = $details['payload']['password'][0]; |
---|
| | } |
---|
| | } |
---|
| | } |
---|
| | $tmpfname = tempnam("/tmp", "GoStats-"); |
---|
| | $pwdfname = tempnam("/tmp", "GoStats-"); |
---|
| | $handle = fopen($tmpfname, "w"); |
---|
| | foreach($username as $id=>$user){ |
---|
| | fwrite($handle, "$user:".$password[$id]."\n"); |
---|
| | } |
---|
| | fclose($handle); |
---|
| | echo "[+] Launching pwdlyzer\n"; |
---|
| | exec("cd $pwd && ./pwdlyser.py -p $tmpfname --all > $pwdfname"); |
---|
| | unlink($tmpfname); |
---|
| | echo "[+] pwdlyzer results at: $pwdfname\n"; |
---|
| | $username = array(); |
---|
| | $password = array(); |
---|
| | echo "\n--- Password Statistics ---\n"; |
---|
| | foreach($list['timeline'] as $item){ |
---|
| | if($item['details'] <> ""){ |
---|
| | $details = json_decode($item['details'], true); |
---|
| | if($details['payload'][$formPassword][0] <> ""){ |
---|
| | $username[] = $details['payload'][$formUsername][0]; |
---|
| | $password[] = $details['payload'][$formPassword][0]; |
---|
| | } |
---|
| | } |
---|
| | } |
---|
| | $tmpfname = tempnam("/tmp", "GoStats-"); |
---|
| | $pwdfname = tempnam("/tmp", "GoStats-"); |
---|
| | $handle = fopen($tmpfname, "w"); |
---|
| | foreach($username as $id=>$user){ |
---|
| | fwrite($handle, "$user:".$password[$id]."\n"); |
---|
| | } |
---|
| | fclose($handle); |
---|
| | echo "[+] Launching pwdlyzer\n"; |
---|
| | exec("cd $pwd && ./pwdlyser.py -p $tmpfname --all > $pwdfname"); |
---|
| | unlink($tmpfname); |
---|
| | echo "[+] pwdlyzer results at: $pwdfname\n"; |
---|
| | } |
---|
| | |
---|
| | /* dump username:password list to file */ |
---|
| | $dumpfile = $filter->getParam('dump'); |
---|
| | if(file_exists($dumpfile)){ |
---|
| | echo "[!] File already exists ($dumpfile)\n"; |
---|
| | echo "[!] File already exists ($dumpfile)\n"; |
---|
| | exit(0); |
---|
| | } |
---|
| | if(!file_exists($dumpfile) && isset($dumpfile)){ |
---|
| | $username = array(); |
---|
| | $password = array(); |
---|
| | echo "\n--- Dumping username:password to file ---\n"; |
---|
| | foreach($list['timeline'] as $item){ |
---|
| | if($item['details'] <> ""){ |
---|
| | $details = json_decode($item['details'], true); |
---|
| | if($details['payload']['password'][0] <> ""){ |
---|
| | $username[] = $details['payload']['username'][0]; |
---|
| | $password[] = $details['payload']['password'][0]; |
---|
| | } |
---|
| | } |
---|
| | } |
---|
| | $handle = fopen($dumpfile, "w"); |
---|
| | foreach($username as $id=>$user){ |
---|
| | fwrite($handle, "$user:".$password[$id]."\n"); |
---|
| | } |
---|
| | fclose($handle); |
---|
| | echo "[+] File created: $dumpfile\n"; |
---|
| | $username = array(); |
---|
| | $password = array(); |
---|
| | echo "\n--- Dumping username:password to file ---\n"; |
---|
| | foreach($list['timeline'] as $item){ |
---|
| | if($item['details'] <> ""){ |
---|
| | $details = json_decode($item['details'], true); |
---|
| | if($details['payload'][$formPassword][0] <> ""){ |
---|
| | $username[] = $details['payload'][$formUsername][0]; |
---|
| | $password[] = $details['payload'][$formPassword][0]; |
---|
| | } |
---|
| | } |
---|
| | } |
---|
| | $handle = fopen($dumpfile, "w"); |
---|
| | foreach($username as $id=>$user){ |
---|
| | fwrite($handle, "$user:".$password[$id]."\n"); |
---|
| | } |
---|
| | fclose($handle); |
---|
| | echo "[+] File created: $dumpfile\n"; |
---|
| | } |
---|
| | |
---|
| | /* dump list of users requiring training */ |
---|
| | $dumpfile2 = $filter->getParam('training'); |
---|
| |
---|
| | |