├── requirements.txt ├── groups_template.csv ├── sending_profiles_template.csv ├── campaigns_template.csv ├── readme.md └── Gofish.py /requirements.txt: -------------------------------------------------------------------------------- 1 | requests==2.24.0 2 | gophish==0.5.1 3 | -------------------------------------------------------------------------------- /groups_template.csv: -------------------------------------------------------------------------------- 1 | First Name,Last Name,Email,Position 2 | 李,逍遥,lixiaoyao@189.cn,1 3 | -------------------------------------------------------------------------------- /sending_profiles_template.csv: -------------------------------------------------------------------------------- 1 | name,host,address,username,password 2 | 1,smtp.189.cn:465,IT,xxx@189.cn,123 3 | -------------------------------------------------------------------------------- /campaigns_template.csv: -------------------------------------------------------------------------------- 1 | name,groups,page,template,smtp,url 2 | 1-任务名称,1.csv-groups名称,189-page名称,1-template名称,1-sending_profiles名称,https://xx.xx.xx.xx:8090-钓鱼网页地址 3 | -------------------------------------------------------------------------------- /readme.md: -------------------------------------------------------------------------------- 1 | # 0x01 环境 2 | python3 3 | 4 | # 0x02 配置 5 | 打开脚本填写API KEY和gophish地址即可 6 | 7 | # 0x02 Options: 8 | -h, --help show this help message and exit 9 | 10 | --createSP create Sending Profiles 11 | 12 | --createG create groups 13 | 14 | --createC create campaigns 15 | 16 | --deleteSP=DELETESP delete Sending Profiles 17 | 18 | --deleteG=DELETEG delete groups 19 | 20 | --deleteC=DELETEC delete campaigns 21 | 22 | --getSP=GETSP get Sending Profiles 23 | 24 | --getG=GETG get groups 25 | 26 | --getC=GETC get campaigns 27 | 28 | --complete=COMPLETE complete campaigns 29 | 30 | --saveResults=SAVERESULTS save Results 31 | 32 | --dir=DIR 指定目录 33 | 34 | --ifile=IFILE 指定文件 35 | 36 | --ofile=OFILE 输出文件 37 | 38 | --helps 参考语法 39 | 40 | 41 | # 0x03 参考语句 42 | 01、创建发件邮箱(指定目录):python3 Gofish.py --createSP --dir C:\\Users\\gophish\\smtp 43 | 44 | 02、创建发件邮箱(指定文件):python3 Gofish.py --createSP --ifile C:\\Users\\gophish\\smtp\\1.csv 45 | 46 | 03、删除发件邮箱(所有邮箱):python3 Gofish.py --deleteSP 0 47 | 48 | 04、删除发件邮箱(指定ID值):python3 Gofish.py --deleteSP 81-85,87,88-90 49 | 50 | 05、获取发件邮箱(所有邮箱):python3 Gofish.py --getSP 0 51 | 52 | 06、获取发件邮箱(指定ID值):python3 Gofish.py --getSP 81-85,87,88-90 53 | 54 | 07、创建发件目标(指定目录):python3 Gofish.py --createG --dir C:\\Users\\gophish\\groups 55 | 56 | 08、获取发件目标(所有目标):python3 Gofish.py --getG 0 57 | 58 | 09、获取发件目标(指定ID值):python3 Gofish.py --getG 20-25,27,28-30 59 | 60 | 10、删除发件目标(所有目标):python3 Gofish.py --deleteG 0 61 | 62 | 11、获取发件目标(指定ID值):python3 Gofish.py --deleteG 20-25,27,28-30 63 | 64 | 12、创建钓鱼任务(指定文件):python3 Gofish.py --createC --ifile C:\\Users\\gophish\\campaigns\\1.csv 65 | 66 | 13、获取钓鱼任务(所有任务):python3 Gofish.py --getC 0 67 | 68 | 14、获取钓鱼任务(指定ID值):python3 Gofish.py --getC 45-47,50 69 | 70 | 15、删除钓鱼任务(所有任务):python3 Gofish.py --deleteC 0 71 | 72 | 16、删除钓鱼任务(指定ID值):python3 Gofish.py --deleteC 45-49,50 73 | 74 | 17、完成钓鱼任务(所有任务):python3 Gofish.py --complete 0 75 | 76 | 18、获取钓鱼任务(指定ID值):python3 Gofish.py --complete 51-53 77 | 78 | 19、导出钓鱼任务(所有任务):python3 Gofish.py --saveResults 0 --ofile allResults 79 | 80 | 20、导出钓鱼任务(中招用户):python3 Gofish.py --saveResults 1 --ofile submitDat 81 | -------------------------------------------------------------------------------- /Gofish.py: -------------------------------------------------------------------------------- 1 | import re 2 | import os 3 | import sys 4 | import csv 5 | import requests 6 | import optparse 7 | from gophish import Gophish 8 | from gophish.models import * 9 | 10 | requests.packages.urllib3.disable_warnings() 11 | 12 | API_KEY = "" #33335 13 | url = "" 14 | 15 | api = Gophish(API_KEY, host=url, verify=False) 16 | 17 | banner = ''' 18 | 参考语句: 19 | 20 | 01、创建发件邮箱(指定目录):python3 Gofish.py --createSP --dir C:\\Users\\gophish\\smtp 21 | 02、创建发件邮箱(指定文件):python3 Gofish.py --createSP --ifile C:\\Users\\gophish\\smtp\\1.csv 22 | 03、删除发件邮箱(所有邮箱):python3 Gofish.py --deleteSP 0 23 | 04、删除发件邮箱(指定ID值):python3 Gofish.py --deleteSP 81-85,87,88-90 24 | 05、获取发件邮箱(所有邮箱):python3 Gofish.py --getSP 0 25 | 06、获取发件邮箱(指定ID值):python3 Gofish.py --getSP 81-85,87,88-90 26 | 07、创建发件目标(指定目录):python3 Gofish.py --createG --dir C:\\Users\\gophish\\groups 27 | 08、获取发件目标(所有目标):python3 Gofish.py --getG 0 28 | 09、获取发件目标(指定ID值):python3 Gofish.py --getG 20-25,27,28-30 29 | 10、删除发件目标(所有目标):python3 Gofish.py --deleteG 0 30 | 11、获取发件目标(指定ID值):python3 Gofish.py --deleteG 20-25,27,28-30 31 | 12、创建钓鱼任务(指定文件):python3 Gofish.py --createC --ifile C:\\Users\\gophish\\campaigns\\1.csv 32 | 13、获取钓鱼任务(所有任务):python3 Gofish.py --getC 0 33 | 14、获取钓鱼任务(指定ID值):python3 Gofish.py --getC 45-47,50 34 | 15、删除钓鱼任务(所有任务):python3 Gofish.py --deleteC 0 35 | 16、删除钓鱼任务(指定ID值):python3 Gofish.py --deleteC 45-49,50 36 | 17、完成钓鱼任务(所有任务):python3 Gofish.py --complete 0 37 | 18、获取钓鱼任务(指定ID值):python3 Gofish.py --complete 51-53 38 | 19、导出钓鱼任务(所有任务):python3 Gofish.py --saveResults 0 --ofile allResults 39 | 20、导出钓鱼任务(中招用户):python3 Gofish.py --saveResults 1 --ofile submitData_or_clickLink 40 | 41 | ''' 42 | 43 | class GophishPY(): 44 | def __init__(self): 45 | self.csv_data = "" 46 | self.files_name = [] 47 | 48 | parser = optparse.OptionParser() 49 | parser.add_option("--createSP", action="store_true", dest="createSP", help="create Sending Profiles") 50 | parser.add_option("--createG", action="store_true", dest="createG", help="create groups") 51 | parser.add_option("--createC", action="store_true", dest="createC", help="create campaigns") 52 | 53 | parser.add_option("--deleteSP", dest="deleteSP", help="delete Sending Profiles") 54 | parser.add_option("--deleteG", dest="deleteG", help="delete groups") 55 | parser.add_option("--deleteC", dest="deleteC", help="delete campaigns") 56 | 57 | parser.add_option("--getSP", dest="getSP", help="get Sending Profiles") 58 | parser.add_option("--getG", dest="getG", help="get groups") 59 | parser.add_option("--getC", dest="getC", help="get campaigns") 60 | 61 | parser.add_option("--complete", dest="complete", help="complete campaigns") 62 | 63 | parser.add_option("--saveResults", dest="saveResults", help="save Results") 64 | 65 | parser.add_option("--dir", dest="dir", help="指定目录") 66 | parser.add_option("--ifile", dest="ifile", help="指定文件") 67 | parser.add_option("--ofile", dest="ofile", help="输出文件") 68 | 69 | 70 | parser.add_option("--helps", action="store_true", dest="helps", help="参考语法") 71 | 72 | self.options, self.args = parser.parse_args() 73 | self.main() 74 | 75 | def main(self): 76 | # create sendig profiles 77 | if self.options.createSP != None: 78 | print("------------------create sendig profiles------------------") 79 | print() 80 | # 根据指定目录下的文件创建 sendig profiles 81 | if self.options.dir != None: 82 | self.get_files_name(self.options.dir) 83 | for fn in self.files_name: 84 | with open(fn[0],encoding="utf-8") as openCsv: 85 | reader = csv.reader(openCsv) 86 | header = next(reader) 87 | for row in reader: 88 | try: 89 | name, host, address, username, password = row[0],row[1],row[2],row[3],row[4] 90 | print("creating sendig profile:" + name) 91 | self.create_sending_profile(name, host, address, username, password) 92 | except: 93 | print("任务失败,请检擦语法是否正确!") 94 | # 根据指定文件创建 sendig profiles 95 | elif self.options.ifile != None: 96 | with open(self.options.ifile,encoding="utf-8") as openCsv: 97 | reader = csv.reader(openCsv) 98 | header = next(reader) 99 | for row in reader: 100 | try: 101 | name, host, address, username, password = row[0],row[1],row[2],row[3],row[4] 102 | print("creating sendig profile" + name) 103 | self.create_sending_profile(name, host, address, username, password) 104 | except: 105 | print("任务失败,请检擦语法是否正确!") 106 | else: 107 | print("任务失败,请检擦语法是否正确!") 108 | 109 | # create groups 110 | elif self.options.createG != None: 111 | print("------------------create groups------------------") 112 | print() 113 | # 根据指定文件创建 groups 114 | if self.options.dir != None: 115 | self.get_files_name(self.options.dir) 116 | for fn in self.files_name: 117 | with open(fn[0],encoding="utf-8") as openCsv: 118 | reader = csv.reader(openCsv) 119 | header = next(reader) 120 | targets = [] 121 | for row in reader: 122 | first_name, last_name, email, position = row[0],row[1],row[2],row[3] 123 | targets.append(User(first_name=first_name, last_name=last_name, email=email, position=position)) 124 | try: 125 | print("creating groups:" + fn[1]) 126 | self.create_group(fn[1], targets) 127 | except: 128 | print("任务失败,请检擦语法是否正确!") 129 | else: 130 | print("任务失败,请检擦语法是否正确!") 131 | 132 | # create Campaigns 133 | elif self.options.createC != None: 134 | print("------------------ reate camplains -----------------") 135 | print() 136 | # 根据指定文件创建 Campaigns 137 | if self.options.ifile != None: 138 | with open(self.options.ifile,encoding="utf-8") as openCsv: 139 | reader = csv.reader(openCsv) 140 | header = next(reader) 141 | for row in reader: 142 | try: 143 | name, groups, page, template, smtp, url = row[0],row[1],row[2],row[3],row[4],row[5] 144 | print("creating Campaigns:" + name) 145 | self.create_campaign(name, groups, page, template, smtp, url) 146 | except: 147 | print("任务失败,请检擦语法是否正确!") 148 | else: 149 | print("任务失败,请检擦语法是否正确!") 150 | 151 | # delete sending profiles 152 | elif self.options.deleteSP != None: 153 | print("------------------ delete sending profiles ------------------") 154 | print() 155 | ids = [] 156 | if self.options.deleteSP == "0": 157 | smtps = self.get_sending_profiles() 158 | for smtp in smtps: 159 | ids.append(smtp.id) 160 | else: 161 | ids = self.get_id(self.options.deleteSP) 162 | for id in ids: 163 | print("deleting sending profiles:"+str(id)) 164 | self.delete_sending_profile(id) 165 | 166 | # delete groups 167 | elif self.options.deleteG != None: 168 | print("------------------ delete groups ------------------") 169 | print() 170 | ids = [] 171 | if self.options.deleteG == "0": 172 | groups = self.get_groups() 173 | for group in groups: 174 | ids.append(group.id) 175 | else: 176 | ids = self.get_id(self.options.deleteG) 177 | for id in ids: 178 | print("deleting groups:"+str(id)) 179 | self.delete_group(id) 180 | 181 | # delete campaigns 182 | elif self.options.deleteC != None: 183 | print("------------------ delete campaigns ------------------") 184 | print() 185 | ids = [] 186 | if self.options.deleteC == "0": 187 | campaigns = self.get_campaigns() 188 | for campaign in campaigns: 189 | ids.append(campaign.id) 190 | else: 191 | ids = self.get_id(self.options.deleteC) 192 | for id in ids: 193 | print("deleting campaigns:"+str(id)) 194 | self.delete_campaign(id) 195 | 196 | 197 | # get campaigns 198 | elif self.options.getC != None: 199 | campaigns = [] 200 | if self.options.getC == "0": 201 | campaigns = self.get_campaigns() 202 | else: 203 | ids = self.get_id(self.options.getC) 204 | for id in ids: 205 | campaign = self.get_campaign(id) 206 | campaigns.append(campaign) 207 | print("campaign.id campaign.name") 208 | print("------------------------------------------------------------------") 209 | for campaign in campaigns: 210 | print(str(campaign.id)+" "+campaign.name) 211 | print("------------------------------------------------------------------") 212 | 213 | # get groups 214 | elif self.options.getG != None: 215 | groups = [] 216 | if self.options.getG == "0": 217 | groups = self.get_groups() 218 | else: 219 | ids = self.get_id(self.options.getG) 220 | for id in ids: 221 | group = self.get_group(id) 222 | groups.append(group) 223 | print("group.id group.name") 224 | print("------------------------------------------------------------------") 225 | for group in groups: 226 | print(str(group.id)+" "+group.name) 227 | print("------------------------------------------------------------------") 228 | 229 | # get sending profiles 230 | elif self.options.getSP != None: 231 | smtps = [] 232 | if self.options.getSP == "0": 233 | smtps = self.get_sending_profiles() 234 | else: 235 | ids = self.get_id(self.options.getSP) 236 | for id in ids: 237 | smtp = self.get_sending_profile(id) 238 | smtps.append(smtp) 239 | print("smtp.id smtp.name smtp.from_address") 240 | print("------------------------------------------------------------------") 241 | for smtp in smtps: 242 | print(str(smtp.id)+" "+smtp.name+" "+smtp.from_address) 243 | print("------------------------------------------------------------------") 244 | 245 | # complete campaign 246 | elif self.options.complete != None: 247 | print("------------------complete " + self.options.complete + " campaign------------") 248 | print() 249 | ids = [] 250 | if self.options.complete == '0': 251 | campaigns = self.get_campaigns() 252 | for campaign in campaigns: 253 | ids.append(campaign.id) 254 | else: 255 | ids = self.get_id(self.options.complete) 256 | for id in ids: 257 | print("complete campaign:"+str(id)) 258 | try: 259 | self.complete_campaign(id) 260 | except: 261 | print("任务失败,请检擦语法是否正确!") 262 | 263 | # save Results 264 | elif self.options.saveResults != None: 265 | print("------------------save Results-------------------") 266 | print() 267 | data = [] 268 | if self.options.saveResults == "0": 269 | campaigns = self.get_campaigns() 270 | for campaign in campaigns: 271 | for results in campaign.results: 272 | data.append(results) 273 | elif self.options.saveResults == "1": 274 | campaigns = self.get_campaigns() 275 | for campaign in campaigns: 276 | for results in campaign.results: 277 | if results.status == "Clicked Link" or results.status == "Submitted Data": 278 | data.append(results) 279 | self.save_results(data) 280 | 281 | elif self.options.helps != None: 282 | print(banner) 283 | 284 | else: 285 | print("任务失败,请检擦语法是否正确!") 286 | 287 | 288 | # 处理id 289 | def get_id(self,ids): 290 | id = [] 291 | if "," in ids: 292 | ids = ids.split(",") 293 | for i in range(0,len(ids)): 294 | if "-" in ids[i]: 295 | ids[i] = ids[i].split("-") 296 | for idsi in range(int(ids[i][0]),int(ids[i][1])+1): 297 | id.append(idsi) 298 | else: 299 | id.append(int(ids[i])) 300 | elif "-" in ids: 301 | ids = ids.split("-") 302 | for idsi in range(int(ids[0]),int(ids[1])+1): 303 | id.append(idsi) 304 | else: 305 | id.append(int(ids)) 306 | return id 307 | 308 | # 保存 results 309 | def save_results(self, datas): 310 | headers = ["first_name", "last_name", "email", "position", "status"] 311 | rows = [] 312 | file = self.options.ofile 313 | file = file+".csv" 314 | for data in datas: 315 | rows.append([data.first_name,data.last_name,data.email,data.position,data.status]) 316 | with open(file,"w",newline='') as wCsv: 317 | f_csv = csv.writer(wCsv) 318 | f_csv.writerow(headers) 319 | f_csv.writerows(rows) 320 | 321 | # 获取文件名 322 | def get_files_name(self,path): 323 | for file in os.listdir(path): 324 | file_path = os.path.join(path, file) 325 | self.files_name.append([file_path, file]) 326 | 327 | ''' 328 | sending_profile ?????? 329 | id (int) The smtp ID 330 | name (str) The smtp name 331 | interface_type (str) The type of SMTP connection (for now, always use SMTP) 332 | host (str) The host:port of the SMTP server 333 | from_address (str) The address to send emails from (e.g. John Doe ) 334 | ignore_cert_errors (bool) Whether or not to ignore SSL certificate validation errors (set to true in the case of self-signed certificates) 335 | modified_date (optional: datetime.datetime) The datetime this SMTP profile was previously modified 336 | ''' 337 | def get_sending_profile(self, id): 338 | smtp = api.smtp.get(smtp_id=id) 339 | return smtp 340 | 341 | def get_sending_profiles(self): 342 | smtps = api.smtp.get() 343 | return smtps 344 | 345 | def create_sending_profile(self, name, host, address, username, password): 346 | smtp = SMTP(name=name) 347 | smtp.host = host 348 | smtp.from_address = address 349 | smtp.interface_type = "SMTP" 350 | smtp.ignore_cert_errors = True 351 | smtp.username = username 352 | smtp.password = password 353 | smtp = api.smtp.post(smtp) 354 | 355 | def delete_sending_profile(self, id): 356 | api.smtp.delete(smtp_id=id) 357 | 358 | ''' 359 | Landing_Pages ????? 360 | id (int) The page ID 361 | html (str) The page HTML 362 | name (str) The page name 363 | modified_date (optional: datetime.datetime) The scheduled time for page launch 364 | capture_credentials (bool default:False) Whether or not the landing page should capture credentials 365 | capture_passwords (bool default:False) Whether or not the landing page should capture passwords 366 | redirect_url (str) The URL to redirect targets to after they submit data 367 | ''' 368 | def get_Landing_Pages(self): 369 | pages = api.pages.get() 370 | return pages 371 | 372 | def get_Landing_Page(self, id): 373 | page = api.pages.get(page_id=id) 374 | return page 375 | 376 | def create_Landing_Page(self, name, html, capture, url=""): 377 | if capture == "data": 378 | page = Page(name=name, html=html, capture_credentials=True, redirect_url=url) 379 | elif capture == "pass": 380 | page = Page(name=name, html=html, capture_passwords=True, redirect_url=url) 381 | else: 382 | page = Page(name=name, html=html, redirect_url=url) 383 | page = api.pages.post(page) 384 | 385 | def delete_Landing_Page(self, id): 386 | api.pages.delete(page_id=id) 387 | 388 | ''' 389 | Template ?????? 390 | id (int) The template ID 391 | name (str) The template name 392 | html (str) The template HTML 393 | text (str) The template HTML 394 | modified_date (optional: datetime.datetime) The scheduled time for template launch 395 | attachments (list(models.Attachment)) The optional email attachments 396 | ''' 397 | def get_Templates(self): 398 | templates = api.templates.get() 399 | return templates 400 | 401 | def get_Template(self, id): 402 | template = api.templates.get(template_id=id) 403 | return template 404 | 405 | def create_Template(self, name, html): 406 | template = Template(name=name,html=html) 407 | template = api.templates.post(template) 408 | return template 409 | 410 | def delete_Template(self, id): 411 | api.Template.delete(template_id=id) 412 | 413 | ''' 414 | groups ??????? 415 | id (int) The user ID 416 | first_name (str) The first name 417 | last_name (str) The last name 418 | email (str) The email address 419 | position (str) The position (job role) 420 | ''' 421 | def get_groups(self): 422 | groups = api.groups.get() 423 | return groups 424 | 425 | def get_group(self, id): 426 | group = api.groups.get(group_id=id) 427 | return group 428 | 429 | # ???? groups 430 | ''' 431 | targets = [ 432 | User(first_name='John', last_name='Doe', email='johndoe@example.com'), 433 | User(first_name='Jane', last_name='Doe', email='janedoe@example.com') 434 | ] 435 | ''' 436 | def create_group(self, name, targets): 437 | group = Group(name=name, targets=targets) 438 | group = api.groups.post(group) 439 | return group 440 | 441 | def delete_group(self, id): 442 | api.groups.delete(group_id=id) 443 | 444 | # campaign.results 445 | ''' 446 | id (int) The result ID 447 | first_name (str) The first name 448 | last_name (str) The last name 449 | email (str) The email address 450 | position (str) The position (job role) 451 | ip (str) The last seen IP address 452 | latitude (float) The latitude of the ip 453 | longitude (float) The longitude of the ip 454 | status (str) The users status in the campaign 455 | Email Sent 456 | Sending 457 | Error 458 | Email Opened 459 | Clicked Link 460 | Submitted Data 461 | ''' 462 | def get_campaigns(self): 463 | campaigns = api.campaigns.get() 464 | return campaigns 465 | 466 | def get_campaign(self, id): 467 | campaign = api.campaigns.get(campaign_id=id) 468 | return campaign 469 | 470 | def create_campaign(self, name, groups, page, template, smtp, url): 471 | groups = [Group(name=groups)] 472 | page = Page(name=page) 473 | template = Template(name=template) 474 | smtp = SMTP(name=smtp) 475 | url = url 476 | campaign = Campaign(name=name, groups=groups, page=page, template=template, smtp=smtp, url=url) 477 | campaign = api.campaigns.post(campaign) 478 | return campaign 479 | 480 | def delete_campaign(self, id): 481 | api.campaigns.delete(campaign_id=id) 482 | 483 | def complete_campaign(self, id): 484 | api.campaigns.complete(campaign_id=id) 485 | 486 | if __name__ == "__main__": 487 | GP = GophishPY() 488 | 489 | --------------------------------------------------------------------------------