From ac62f33e8038f6969221af4bac48516ace69c069 Mon Sep 17 00:00:00 2001
From: Jordan Wright <jmwright798@gmail.com>
Date: Mon, 8 Aug 2016 18:28:19 -0500
Subject: [PATCH] Now capturing IP and User Agent information in event logs.
 Fixes #280

---
 controllers/route.go              | 43 +++++++++++++++++++++----------
 static/js/app/campaign_results.js |  2 +-
 2 files changed, 31 insertions(+), 14 deletions(-)

diff --git a/controllers/route.go b/controllers/route.go
index 77efae10..db95d606 100644
--- a/controllers/route.go
+++ b/controllers/route.go
@@ -179,27 +179,44 @@ func PhishHandler(w http.ResponseWriter, r *http.Request) {
 	if err != nil {
 		Logger.Println(err)
 	}
+	d := struct {
+		Payload url.Values        `json:"payload"`
+		Browser map[string]string `json:"browser"`
+	}{
+		Payload: r.Form,
+		Browser: make(map[string]string),
+	}
+	ip, _, err := net.SplitHostPort(r.RemoteAddr)
+	if err != nil {
+		Logger.Println(err)
+		return
+	}
+	// Respect X-Forwarded headers
+	if fips := r.Header.Get("X-Forwarded-For"); fips != "" {
+		ip = strings.Split(fips, ", ")[0]
+	}
+	// Handle post processing such as GeoIP
+	err = rs.UpdateGeo(ip)
+	if err != nil {
+		Logger.Println(err)
+	}
+	d.Browser["address"] = ip
+	d.Browser["user-agent"] = r.Header.Get("User-Agent")
+	rj, err := json.Marshal(d)
+	if err != nil {
+		Logger.Println(err)
+		http.NotFound(w, r)
+		return
+	}
 	switch {
 	case r.Method == "GET":
-		err = c.AddEvent(models.Event{Email: rs.Email, Message: models.EVENT_CLICKED})
+		err = c.AddEvent(models.Event{Email: rs.Email, Message: models.EVENT_CLICKED, Details: string(rj)})
 		if err != nil {
 			Logger.Println(err)
 		}
 	case r.Method == "POST":
 		// If data was POST'ed, let's record it
 		// Store the data in an event
-		d := struct {
-			Payload url.Values        `json:"payload"`
-			Browser map[string]string `json:"browser"`
-		}{
-			Payload: r.Form,
-		}
-		rj, err := json.Marshal(d)
-		if err != nil {
-			Logger.Println(err)
-			http.NotFound(w, r)
-			return
-		}
 		c.AddEvent(models.Event{Email: rs.Email, Message: models.EVENT_DATA_SUBMIT, Details: string(rj)})
 		if err != nil {
 			Logger.Println(err)
diff --git a/static/js/app/campaign_results.js b/static/js/app/campaign_results.js
index 2552d285..63d8a6ea 100644
--- a/static/js/app/campaign_results.js
+++ b/static/js/app/campaign_results.js
@@ -259,7 +259,7 @@ function renderTimeline(data) {
                 '    <i class="fa ' + statuses[event.message].icon + '"></i></div>' +
                 '    <div class="timeline-message">' + escapeHtml(event.message) +
                 '    <span class="timeline-date">' + moment(event.time).format('MMMM Do YYYY h:mm') + '</span>'
-            if (event.details) {
+            if (event.details && event.message == "Submitted Data") {
                 results += '<div class="timeline-replay-button"><button onclick="replay(' + i + ')" class="btn btn-success">'
                 results += '<i class="fa fa-refresh"></i> Replay Credentials</button></div>'
                 results += '<div class="timeline-event-details"><i class="fa fa-caret-right"></i> View Details</div>'