new stats and update readme to reflect new stats
1 parent 7387d6d commit 5a5fe1eb9d270dad6232d452e81cb76006b56315
root authored on 15 Aug 2019
Showing 2 changed files
View
306
GoStats.php
* Configuration Settings - CHANGE THESE
*/
$url = ""; // URL of GoPhish listner e.g. http://www.site.com:8080/
$key = ""; // GoPhish API key
$pwd = "/opt/Pwdlyser/"; // /directory/containing/pwdlyser
$geoip = true; // use freegeoip.net on IP addresses? set to false to disable this.
$pwd = "/opt/pwdlyser/"; // /directory/containing/pwdlyser
$geoip = false; // use freegeoip.net on IP addresses? set to false to disable this.
$formUsername = "username"; // username name of landing page form input box
$formPassword = "password"; // password name of landing page form input box
 
 
/***
* Main program - Don't edit below
*/
"ips|i" => "Top 10 IP's",
"useragent|u" => "Top 10 user agents",
"attempts|m" => "Top 10 attempts to log in",
"active|o" => "Active times",
"rolling|r" => "Activities per half hour",
"speed|e" => "Clickthrough speed",
"stats|s" => "Victim statistics",
"pass|p" => "Password analysis with pwdlyser",
)
}
 
/* Get list of campaigns */
if ($filter->getParam("list") !== false) {
echo "[+] Getting data from server\n";
$curl = new curl();
echo "[+] Getting data from server\n";
$curl = new curl();
$curl->url = "$url/api/campaigns/?api_key=$key";
$list = $curl->curlQuery();
 
if(isset($list->message) && $list->message == "Invalid API Key"){
echo "[!] Invalid API key\n";
exit(0);
echo "[!] Invalid API key\n";
exit(0);
}else{
echo "[id] -campaign name-\n";
foreach($list as $id)
echo "[".$id['id']."] ".$id['name']."\n";
echo "[id] -campaign name-\n";
foreach($list as $id)
echo "[".$id['id']."] ".$id['name']."\n";
}
exit(0);
}
 
if ($campid == null || !is_numeric($campid)) {
echo "[!] Campaign ID not set\nn";
exit(0);
}else{
echo "[+] Getting data from server\n";
$curl = new curl();
echo "[+] Getting data from server\n";
$curl = new curl();
$curl->url = "$url/api/campaigns/$campid?api_key=$key";
$list = $curl->curlQuery();
if(isset($list->message) && $list->message == "Invalid API Key"){
echo "[!] Invalid API key\n";
exit(0);
echo "[!] Invalid API key\n";
exit(0);
}else{
/* all data got correctly time to do stuff! */
echo "[$campid] ".$list['name']."\n";
echo "\n--- Notable times ---\n";
/* all data got correctly time to do stuff! */
echo "[$campid] ".$list['name']."\n";
echo "\n--- Notable times ---\n";
 
if(isset($list['launch_date']) && $list['launch_date'] <> ""){
$time = date('d-m-Y H:i', $datetime = strtotime(substr($list['launch_date'], 0, 10) . ' ' . substr($list['launch_date'], 11, 8 )));
echo "Campaign launched: $time\n";
}
 
foreach($list['timeline'] as $record){
if($record['message'] == "Email Sent"){
$time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 )));
echo "First email sent: $time\n";
break;
}
}
foreach($list['timeline'] as $record){
if($record['message'] == "Email Sent"){
$time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 )));
echo "First email sent: $time\n";
break;
}
}
foreach($list['timeline'] as $record){
if($record['message'] == "Email Sent"){
$time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 )));
}
}
echo "Last email sent:: $time\n";
foreach($list['timeline'] as $record){
if($record['message'] == "Clicked Link"){
$time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 )));
echo "First email opened: $time\n";
break;
}
}
foreach($list['timeline'] as $record){
if($record['message'] == "Clicked Link"){
$time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 )));
echo "First page view: $time\n";
break;
}
}
foreach($list['timeline'] as $record){
if($record['message'] == "Submitted Data"){
$time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 )));
echo "First credentials submitted: $time\n";
break;
}
}
echo "Last email sent: $time\n";
foreach($list['timeline'] as $record){
if($record['message'] == "Clicked Link"){
$time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 )));
echo "First email opened: $time\n";
break;
}
}
foreach($list['timeline'] as $record){
if($record['message'] == "Clicked Link"){
$time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 )));
echo "First page view: $time\n";
break;
}
}
foreach($list['timeline'] as $record){
if($record['message'] == "Submitted Data"){
$time = date('d-m-Y H:i', $datetime = strtotime(substr($record['time'], 0, 10) . ' ' . substr($record['time'], 11, 8 )));
echo "First credentials submitted: $time\n";
break;
}
}
if(isset($list['completed_date']) && $list['completed_date'] <> ""){
$time = date('d-m-Y H:i', $datetime = strtotime(substr($list['completed_date'], 0, 10) . ' ' . substr($list['completed_date'], 11, 8 )));
echo "Campaign finished: $time\n";
}
/* Top 10 IP's */
if ($filter->getParam("ips") !== false || $filter->getParam("all") !== false) {
$ips = array();
foreach($list['timeline'] as $item){
if($item['details'] <> ""){
$details = json_decode($item['details'], true);
if($details['browser']['address'] !== "unknown")
$ips[] = (string)$details['browser']['address'];
}
if($item['details'] <> ""){
$details = json_decode($item['details'], true);
if($details['browser']['address'] !== "unknown")
$ips[] = (string)$details['browser']['address'];
}
}
$ips = array_count_values($ips);
arsort($ips);
$ips = array_slice($ips,0,10,true);
$geojson = file_get_contents("http://freegeoip.net/json/$ip");
$geodetails = json_decode($geojson, true);
$geoip_details = "- ".$geodetails['country_name'].", ".$geodetails['city'];
}
echo "[$no] $ip $geoip_details\n";
echo "[$no] $ip $geoip_details\n";
}
}
 
/* Top 10 user agent's */
if ($filter->getParam("useragent") !== false || $filter->getParam("all") !== false) {
$agents = array();
foreach($list['timeline'] as $item){
if($item['details'] <> "" && $item['message'] == "Clicked Link"){ // only people who visited site, not email user agent
$details = json_decode($item['details'], true);
if($details['browser']['user-agent'] !== "unknown" && $details['browser']['user-agent'] !== "")
$agents[] = (string)$details['browser']['user-agent'];
}
if($item['details'] <> "" && $item['message'] == "Clicked Link"){ // only people who visited site, not email user agent
$details = json_decode($item['details'], true);
if($details['browser']['user-agent'] !== "unknown" && $details['browser']['user-agent'] !== "")
$agents[] = (string)$details['browser']['user-agent'];
}
}
$agents = array_count_values($agents);
arsort($agents);
$agents = array_slice($agents,0,10,true);
echo "\n--- Top 10 User Agents ---\n";
foreach($agents as $ua=>$no){
echo "[$no] $ua\n";
echo "[$no] $ua\n";
}
}
 
/* Top 10 attempts to log in */
if($filter->getParam("attempts") !== false || $filter->getParam("all") !== false) {
$userids = array();
foreach($list['results'] as $item){
$userids[$item['id']] = $item['email'];
$userids = array();
foreach($list['results'] as $item){
$userids[$item['id']] = $item['email'];
}
$attemptrids = array();
foreach($list['timeline'] as $item){
if($item['details'] <> ""){
$details = json_decode($item['details'], true);
if(isset($details['payload']['password'][0]) && $details['payload']['password'][0] <> ""){
$attemptrids[$details['payload']['rid'][0]] += 1;
}
}
$attemptrids = array();
foreach($list['timeline'] as $item){
if($item['details'] <> ""){
$details = json_decode($item['details'], true);
if(isset($details['payload'][$formPassword][0]) && $details['payload'][$formPassword][0] <> ""){
$attemptrids[$details['payload']['rid'][0]] += 1;
}
}
}
arsort($attemptrids);
$attemptrids = array_slice($attemptrids,0,10,true);
echo "\n--- Top 10 Login Attempts ---\n";
foreach($attemptrids as $id=>$amount){
$newemail= preg_replace('/(?:^|.@).\K|.\.[^@]*$(*SKIP)(*F)|.(?=.*?\.)/', '*', $userids[$id]);
echo "[$amount] $newemail\n";
}
//$newemail= preg_replace('/(?:^|.@).\K|.\.[^@]*$(*SKIP)(*F)|.(?=.*?\.)/', '*', $userids[$id]);
//echo "[$amount] $newemail\n";
echo "[$amount] $userids[$id]\n";
}
}
 
/* Active times */
if($filter->getParam("active") !== false || $filter->getParam("all") !== false) {
$percent2 = str_pad($percent2, 5, " ", STR_PAD_LEFT);
echo "$iDsp - $user1 = $percent1% | $j - $user2 = $percent2% \n";
}
}
 
/* Rolling times */
if($filter->getParam("rolling") !== false || $filter->getParam("all") !== false) {
$active_count = array();
$active_percent = array();
$total = 0;
echo "\n--- Rolling times (clicked link or submitted data) ---\n";
foreach($list['timeline'] as $item){
if($item['message'] == "Clicked Link" || $item['message'] == "Submitted Data" ){
$month = (int)substr($item['time'], 5, 2);
$day = (int)substr($item['time'], 8, 2);
$hour = (int)substr($item['time'], 11, 2);
$min = (int)substr($item['time'], 14, 2);
$min = ($min < 30 ? "00" : 30);
$hour2 = $hour;
$min2 = $min;
if($min == 30){$hour2++; $min2 = "00";}else{$min2 = 30;}
$active_count[$month."/".$day." ".$hour.":".$min." - ".$hour2.":".$min2]++;
$total++;
}
 
}
foreach($active_count as $id => $count)
echo "$id = $count\n";
}
 
/* Clickthrough speed */
if ($filter->getParam("speed") !== false || $filter->getParam("all") !== false) {
}
 
/* Victim statistics */
if ($filter->getParam("stats") !== false || $filter->getParam("all") !== false) {
$status = array();
foreach($list['results'] as $item){
if($item['status'] <> ""){
$status[] = $item['status'];
}
}
echo "\n--- Victim Statistics ---\n";
$statusall = count($status);
$counts = array_count_values($status);
echo "Targets: ".$statusall."\n";
$openedpercent = ($counts['Email Opened'] / $statusall) * 100;
echo "Email opened: ".$counts['Email Opened']." (".round($openedpercent, 2)."%)\n";
$linkpercent = ($counts['Clicked Link'] / $statusall) * 100;
echo "Visited link: ".$counts['Clicked Link']." (".round($linkpercent, 2)."%)\n";
$subpercent = ($counts['Submitted Data'] / $statusall) * 100;
echo "Submitted data: ".$counts['Submitted Data']." (".round($subpercent, 2)."%)\n";
foreach($list['timeline'] as $item){
if($item['details'] <> ""){
$details = json_decode($item['details'], true);
if($details['payload']['password'][0] <> "")
$totalLoginAttempts++;
}
}
$status = array();
foreach($list['results'] as $item){
if($item['status'] <> ""){
$status[] = $item['status'];
}
}
echo "\n--- Victim Statistics ---\n";
$statusall = count($status);
$counts = array_count_values($status);
echo "Targets: ".$statusall."\n";
$openedpercent = ($counts['Email Opened'] / $statusall) * 100;
echo "Email opened: ".$counts['Email Opened']." (".round($openedpercent, 2)."%)\n";
$linkpercent = ($counts['Clicked Link'] / $statusall) * 100;
echo "Visited link: ".$counts['Clicked Link']." (".round($linkpercent, 2)."%)\n";
$subpercent = ($counts['Submitted Data'] / $statusall) * 100;
echo "Submitted data: ".$counts['Submitted Data']." (".round($subpercent, 2)."%)\n";
foreach($list['timeline'] as $item){
if($item['details'] <> ""){
$details = json_decode($item['details'], true);
if($details['payload'][$formPassword][0] <> "")
$totalLoginAttempts++;
}
}
echo "Total login attempts: $totalLoginAttempts\n";
}
 
/* Pwdlyzer */
if ($filter->getParam("pass") !== false || $filter->getParam("all") !== false) {
$username = array();
$password = array();
echo "\n--- Password Statistics ---\n";
foreach($list['timeline'] as $item){
if($item['details'] <> ""){
$details = json_decode($item['details'], true);
if($details['payload']['password'][0] <> ""){
$username[] = $details['payload']['username'][0];
$password[] = $details['payload']['password'][0];
}
}
}
$tmpfname = tempnam("/tmp", "GoStats-");
$pwdfname = tempnam("/tmp", "GoStats-");
$handle = fopen($tmpfname, "w");
foreach($username as $id=>$user){
fwrite($handle, "$user:".$password[$id]."\n");
}
fclose($handle);
echo "[+] Launching pwdlyzer\n";
exec("cd $pwd && ./pwdlyser.py -p $tmpfname --all > $pwdfname");
unlink($tmpfname);
echo "[+] pwdlyzer results at: $pwdfname\n";
$username = array();
$password = array();
echo "\n--- Password Statistics ---\n";
foreach($list['timeline'] as $item){
if($item['details'] <> ""){
$details = json_decode($item['details'], true);
if($details['payload'][$formPassword][0] <> ""){
$username[] = $details['payload'][$formUsername][0];
$password[] = $details['payload'][$formPassword][0];
}
}
}
$tmpfname = tempnam("/tmp", "GoStats-");
$pwdfname = tempnam("/tmp", "GoStats-");
$handle = fopen($tmpfname, "w");
foreach($username as $id=>$user){
fwrite($handle, "$user:".$password[$id]."\n");
}
fclose($handle);
echo "[+] Launching pwdlyzer\n";
exec("cd $pwd && ./pwdlyser.py -p $tmpfname --all > $pwdfname");
unlink($tmpfname);
echo "[+] pwdlyzer results at: $pwdfname\n";
}
 
/* dump username:password list to file */
$dumpfile = $filter->getParam('dump');
if(file_exists($dumpfile)){
echo "[!] File already exists ($dumpfile)\n";
echo "[!] File already exists ($dumpfile)\n";
exit(0);
}
if(!file_exists($dumpfile) && isset($dumpfile)){
$username = array();
$password = array();
echo "\n--- Dumping username:password to file ---\n";
foreach($list['timeline'] as $item){
if($item['details'] <> ""){
$details = json_decode($item['details'], true);
if($details['payload']['password'][0] <> ""){
$username[] = $details['payload']['username'][0];
$password[] = $details['payload']['password'][0];
}
}
}
$handle = fopen($dumpfile, "w");
foreach($username as $id=>$user){
fwrite($handle, "$user:".$password[$id]."\n");
}
fclose($handle);
echo "[+] File created: $dumpfile\n";
$username = array();
$password = array();
echo "\n--- Dumping username:password to file ---\n";
foreach($list['timeline'] as $item){
if($item['details'] <> ""){
$details = json_decode($item['details'], true);
if($details['payload'][$formPassword][0] <> ""){
$username[] = $details['payload'][$formUsername][0];
$password[] = $details['payload'][$formPassword][0];
}
}
}
$handle = fopen($dumpfile, "w");
foreach($username as $id=>$user){
fwrite($handle, "$user:".$password[$id]."\n");
}
fclose($handle);
echo "[+] File created: $dumpfile\n";
}
 
/* dump list of users requiring training */
$dumpfile2 = $filter->getParam('training');
View
26
README.md
10 - 125 = 24.41% | 22 - 1 = 0.20%
11 - 24 = 4.69% | 23 - 1 = 0.20%
12 - 28 = 5.47% | 24 - = 0.00%
 
--- Rolling times (clicked link or submitted data) ---
10/16 9:00 - 9:30 = 6
10/16 9:30 - 10:00 = 89
10/16 10:00 - 10:30 = 18
10/16 10:30 - 11:00 = 19
10/16 11:00 - 11:30 = 6
10/16 12:00 - 12:30 = 4
10/16 12:30 - 13:00 = 1
10/16 13:00 - 13:30 = 1
10/16 13:30 - 14:00 = 7
10/16 14:30 - 15:00 = 5
10/16 15:00 - 15:30 = 3
10/16 15:30 - 16:00 = 9
10/16 16:30 - 17:00 = 1
10/16 18:00 - 18:30 = 13
10/16 19:30 - 20:00 = 8
10/17 6:30 - 7:00 = 2
10/17 10:00 - 10:30 = 3
10/17 12:00 - 12:30 = 4
10/17 16:30 - 17:00 = 23
10/18 9:30 - 10:00 = 1
10/18 11:30 - 12:00 = 4
10/18 16:00 - 16:30 = 4
10/19 7:30 - 8:00 = 1
10/19 18:30 - 19:00 = 3
 
[+] Clickthrough Speed
Quickest click: 2 sec
Longest click: 18 min
Users clicked < 5 sec: 7
Buy Me A Coffee