cristiancmoises
/
gophish
mirror of https://github.com/gophish/gophish
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added in functionality to spoof the hostname, not the IP, of the GoPhish 

server that is present in the email headers. Functionality is leveraged
 when using iptables based redirection through a redirector.
pull/1400/head
Ne0nd0g 2019-03-14 21:29:51 -04:00
parent 8b27d852d8
commit 9f5838e6e8
6 changed files with 20 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
db/db_mysql/migrations/20160227180335_0.1.2_store-smtp-settings.sql
View File

@ -10,6 +10,7 @@ CREATE TABLE `smtp`(
user_id bigint, user_id bigint,
interface_type varchar(255), interface_type varchar(255),
name varchar(255), name varchar(255),
spoofed_hostname varchar(255),
host varchar(255), host varchar(255),
username varchar(255), username varchar(255),
password varchar(255), password varchar(255),

1
db/db_sqlite3/migrations/20160227180335_0.1.2_store-smtp-settings.sql
View File

@ -10,6 +10,7 @@ CREATE TABLE smtp(
user_id bigint, user_id bigint,
interface_type varchar(255), interface_type varchar(255),
name varchar(255), name varchar(255),
spoofed_hostname varchar(255),
host varchar(255), host varchar(255),
username varchar(255), username varchar(255),
password varchar(255), password varchar(255),

15
models/smtp.go
View File

@ -34,6 +34,7 @@ type SMTP struct {
UserId int64 `json:"-" gorm:"column:user_id"` UserId int64 `json:"-" gorm:"column:user_id"`
Interface string `json:"interface_type" gorm:"column:interface_type"` Interface string `json:"interface_type" gorm:"column:interface_type"`
Name string `json:"name"` Name string `json:"name"`
SpoofedHostname string `json:"spoofed_hostname"`
Host string `json:"host"` Host string `json:"host"`
Username string `json:"username,omitempty"` Username string `json:"username,omitempty"`
Password string `json:"password,omitempty"` Password string `json:"password,omitempty"`
@ -113,12 +114,16 @@ func (s *SMTP) GetDialer() (mailer.Dialer, error) {
ServerName: s.Host, ServerName: s.Host,
InsecureSkipVerify: s.IgnoreCertErrors, InsecureSkipVerify: s.IgnoreCertErrors,
} }
hostname, err := os.Hostname() if s.SpoofedHostname == "" {
if err != nil { hostname, err := os.Hostname()
log.Error(err) if err != nil {
hostname = "localhost" log.Error(err)
hostname = "localhost"
}
d.LocalName = hostname
} else {
d.LocalName = s.SpoofedHostname
} }
d.LocalName = hostname
return &Dialer{d}, err return &Dialer{d}, err
} }

2
static/js/dist/app/sending_profiles.min.js vendored
View File

File diff suppressed because one or more lines are too long

5
static/js/src/app/sending_profiles.js
View File

@ -18,6 +18,7 @@ function sendTestEmail() {
url: '', url: '',
smtp: { smtp: {
from_address: $("#from").val(), from_address: $("#from").val(),
spoofed_hostname: $("#spoofed_hostname").val(),
host: $("#host").val(), host: $("#host").val(),
username: $("#username").val(), username: $("#username").val(),
password: $("#password").val(), password: $("#password").val(),
@ -55,6 +56,7 @@ function save(idx) {
profile.name = $("#name").val() profile.name = $("#name").val()
profile.interface_type = $("#interface_type").val() profile.interface_type = $("#interface_type").val()
profile.from_address = $("#from").val() profile.from_address = $("#from").val()
profile.spoofed_hostname = $("#spoofed_hostname").val()
profile.host = $("#host").val() profile.host = $("#host").val()
profile.username = $("#username").val() profile.username = $("#username").val()
profile.password = $("#password").val() profile.password = $("#password").val()
@ -90,6 +92,7 @@ function dismiss() {
$("#interface_type").val("SMTP") $("#interface_type").val("SMTP")
$("#from").val("") $("#from").val("")
$("#host").val("") $("#host").val("")
$("#spoofed_hostname").val("")
$("#username").val("") $("#username").val("")
$("#password").val("") $("#password").val("")
$("#ignore_cert_errors").prop("checked", true) $("#ignore_cert_errors").prop("checked", true)
@ -155,6 +158,7 @@ function edit(idx) {
$("#name").val(profile.name) $("#name").val(profile.name)
$("#interface_type").val(profile.interface_type) $("#interface_type").val(profile.interface_type)
$("#from").val(profile.from_address) $("#from").val(profile.from_address)
$("#spoofed_hostname").val(profile.spoofed_hostname)
$("#host").val(profile.host) $("#host").val(profile.host)
$("#username").val(profile.username) $("#username").val(profile.username)
$("#password").val(profile.password) $("#password").val(profile.password)
@ -174,6 +178,7 @@ function copy(idx) {
$("#name").val("Copy of " + profile.name) $("#name").val("Copy of " + profile.name)
$("#interface_type").val(profile.interface_type) $("#interface_type").val(profile.interface_type)
$("#from").val(profile.from_address) $("#from").val(profile.from_address)
$("#spoofed_hostname").val(profile.spoofed_hostname)
$("#host").val(profile.host) $("#host").val(profile.host)
$("#username").val(profile.username) $("#username").val(profile.username)
$("#password").val(profile.password) $("#password").val(profile.password)

2
templates/sending_profiles.html
View File

@ -52,6 +52,8 @@
<label class="control-label" for="from">From:</label> <label class="control-label" for="from">From:</label>
<input type="text" class="form-control" placeholder="First Last <test@example.com>" id="from" <input type="text" class="form-control" placeholder="First Last <test@example.com>" id="from"
required /> required />
<label class="control-label" for="spoofed_hostname">Spoofed Hostname</label>
<input type="text" class="form-control" placeholder="Spoofed hostname found in SMTP recieved header" id="spoofed_hostname">
<label class="control-label" for="host">Host:</label> <label class="control-label" for="host">Host:</label>
<input type="text" class="form-control" placeholder="smtp.example.com:25" id="host" required /> <input type="text" class="form-control" placeholder="smtp.example.com:25" id="host" required />
<label class="control-label" for="username">Username:</label> <label class="control-label" for="username">Username:</label>