Browse Source

Added X-Mailer and X-Gophish-Contact headers (Ref: #1057)

pull/1148/merge
Jordan Wright 3 years ago
parent
commit
9f334281ab
9 changed files with 94 additions and 55 deletions
  1. +3
    -0
      config/config.go
  2. +1
    -0
      controllers/api.go
  3. +1
    -4
      controllers/phish.go
  4. +2
    -1
      controllers/phish_test.go
  5. +0
    -2
      mailer/mailer.go
  6. +7
    -1
      models/email_request.go
  7. +10
    -0
      models/email_request_test.go
  8. +6
    -0
      models/maillog.go
  9. +64
    -47
      models/maillog_test.go

+ 3
- 0
config/config.go View File

@ -40,6 +40,9 @@ var Conf Config
// Version contains the current gophish version
var Version = ""
// ServerName is the server type that is returned in the transparency response.
const ServerName = "gophish"
// LoadConfig loads the configuration from the specified filepath
func LoadConfig(filepath string) {
// Get the config file

+ 1
- 0
controllers/api.go View File

@ -731,6 +731,7 @@ func API_Send_Test_Email(w http.ResponseWriter, r *http.Request) {
}
s.SMTP = smtp
}
s.FromAddress = s.SMTP.FromAddress
// Validate the given request
if err = s.Validate(); err != nil {

+ 1
- 4
controllers/phish.go View File

@ -35,9 +35,6 @@ type TransparencyResponse struct {
// to return a transparency response.
const TransparencySuffix = "+"
// ServerName is the server type that is returned in the transparency response.
const ServerName = "gophish"
// CreatePhishingRouter creates the router that handles phishing connections.
func CreatePhishingRouter() http.Handler {
router := mux.NewRouter()
@ -217,7 +214,7 @@ func RobotsHandler(w http.ResponseWriter, r *http.Request) {
func TransparencyHandler(w http.ResponseWriter, r *http.Request) {
rs := ctx.Get(r, "result").(models.Result)
tr := &TransparencyResponse{
Server: ServerName,
Server: config.ServerName,
SendDate: rs.SendDate,
ContactAddress: config.Conf.ContactAddress,
}

+ 2
- 1
controllers/phish_test.go View File

@ -29,6 +29,7 @@ func (s *ControllersSuite) getFirstEmailRequest() models.EmailRequest {
UserId: 1,
BaseRecipient: campaign.Results[0].BaseRecipient,
SMTP: campaign.SMTP,
FromAddress: campaign.SMTP.FromAddress,
}
err := models.PostEmailRequest(&req)
s.Nil(err)
@ -94,7 +95,7 @@ func (s *ControllersSuite) transparencyRequest(r models.Result, rid, path string
s.Nil(err)
s.Equal(tr.ContactAddress, config.Conf.ContactAddress)
s.Equal(tr.SendDate, r.SendDate)
s.Equal(tr.Server, ServerName)
s.Equal(tr.Server, config.ServerName)
}
func (s *ControllersSuite) TestOpenedPhishingEmail() {

+ 0
- 2
mailer/mailer.go View File

@ -152,14 +152,12 @@ func sendMail(ctx context.Context, dialer Dialer, ms []Mail) {
break
}
message.Reset()
err = m.Generate(message)
if err != nil {
log.Warn(err)
m.Error(err)
continue
}
err = gomail.Send(sender, message)
if err != nil {
if te, ok := err.(*textproto.Error); ok {

+ 7
- 1
models/email_request.go View File

@ -8,6 +8,7 @@ import (
"strings"
"github.com/gophish/gomail"
"github.com/gophish/gophish/config"
log "github.com/gophish/gophish/logger"
"github.com/gophish/gophish/mailer"
)
@ -84,7 +85,6 @@ func PostEmailRequest(s *EmailRequest) error {
return err
}
s.RId = fmt.Sprintf("%s%s", PreviewPrefix, rid)
s.FromAddress = s.SMTP.FromAddress
return db.Save(&s).Error
}
@ -120,6 +120,12 @@ func (s *EmailRequest) Generate(msg *gomail.Message) error {
}
s.URL = url
// Add the transparency headers
msg.SetHeader("X-Mailer", config.ServerName)
if config.Conf.ContactAddress != "" {
msg.SetHeader("X-Gophish-Contact", config.Conf.ContactAddress)
}
// Parse the customHeader templates
for _, header := range s.SMTP.Headers {
key, err := ExecuteTemplate(header.Key, ptx)

+ 10
- 0
models/email_request_test.go View File

@ -6,6 +6,7 @@ import (
"fmt"
"github.com/gophish/gomail"
"github.com/gophish/gophish/config"
"github.com/jordan-wright/email"
check "gopkg.in/check.v1"
)
@ -75,6 +76,12 @@ func (s *ModelsSuite) TestEmailRequestGenerate(ch *check.C) {
FromAddress: smtp.FromAddress,
}
config.Conf.ContactAddress = "test@test.com"
expectedHeaders := map[string]string{
"X-Mailer": config.ServerName,
"X-Gophish-Contact": config.Conf.ContactAddress,
}
msg := gomail.NewMessage()
err = req.Generate(msg)
ch.Assert(err, check.Equals, nil)
@ -94,6 +101,9 @@ func (s *ModelsSuite) TestEmailRequestGenerate(ch *check.C) {
ch.Assert(got.Subject, check.Equals, expected.Subject)
ch.Assert(string(got.Text), check.Equals, string(expected.Text))
ch.Assert(string(got.HTML), check.Equals, string(expected.HTML))
for k, v := range expectedHeaders {
ch.Assert(got.Headers.Get(k), check.Equals, v)
}
}
func (s *ModelsSuite) TestEmailRequestURLTemplating(ch *check.C) {

+ 6
- 0
models/maillog.go View File

@ -11,6 +11,7 @@ import (
"time"
"github.com/gophish/gomail"
"github.com/gophish/gophish/config"
log "github.com/gophish/gophish/logger"
"github.com/gophish/gophish/mailer"
)
@ -157,6 +158,11 @@ func (m *MailLog) Generate(msg *gomail.Message) error {
return err
}
// Add the transparency headers
msg.SetHeader("X-Mailer", config.ServerName)
if config.Conf.ContactAddress != "" {
msg.SetHeader("X-Gophish-Contact", config.Conf.ContactAddress)
}
// Parse the customHeader templates
for _, header := range c.SMTP.Headers {
key, err := ExecuteTemplate(header.Key, ptx)

+ 64
- 47
models/maillog_test.go View File

@ -8,11 +8,33 @@ import (
"net/textproto"
"time"
"github.com/gophish/gophish/config"
"github.com/gophish/gomail"
"github.com/jordan-wright/email"
"gopkg.in/check.v1"
)
func (s *ModelsSuite) emailFromFirstMailLog(campaign Campaign, ch *check.C) *email.Email {
result := campaign.Results[0]
m := &MailLog{}
err := db.Where("r_id=? AND campaign_id=?", result.RId, campaign.Id).
Find(m).Error
ch.Assert(err, check.Equals, nil)
msg := gomail.NewMessage()
err = m.Generate(msg)
ch.Assert(err, check.Equals, nil)
msgBuff := &bytes.Buffer{}
_, err = msg.WriteTo(msgBuff)
ch.Assert(err, check.Equals, nil)
got, err := email.NewEmailFromReader(msgBuff)
ch.Assert(err, check.Equals, nil)
return got
}
func (s *ModelsSuite) TestGetQueuedMailLogs(ch *check.C) {
campaign := s.createCampaign(ch)
ms, err := GetQueuedMailLogs(campaign.LaunchDate)
@ -188,32 +210,56 @@ func (s *ModelsSuite) TestGenerateMailLog(ch *check.C) {
func (s *ModelsSuite) TestMailLogGenerate(ch *check.C) {
campaign := s.createCampaign(ch)
result := campaign.Results[0]
m := &MailLog{}
err := db.Where("r_id=? AND campaign_id=?", result.RId, campaign.Id).
Find(m).Error
ch.Assert(err, check.Equals, nil)
msg := gomail.NewMessage()
err = m.Generate(msg)
ch.Assert(err, check.Equals, nil)
expected := &email.Email{
Subject: fmt.Sprintf("%s - Subject", result.RId),
Text: []byte(fmt.Sprintf("%s - Text", result.RId)),
HTML: []byte(fmt.Sprintf("%s - HTML", result.RId)),
}
msgBuff := &bytes.Buffer{}
_, err = msg.WriteTo(msgBuff)
ch.Assert(err, check.Equals, nil)
got, err := email.NewEmailFromReader(msgBuff)
ch.Assert(err, check.Equals, nil)
got := s.emailFromFirstMailLog(campaign, ch)
ch.Assert(got.Subject, check.Equals, expected.Subject)
ch.Assert(string(got.Text), check.Equals, string(expected.Text))
ch.Assert(string(got.HTML), check.Equals, string(expected.HTML))
}
func (s *ModelsSuite) TestMailLogGenerateTransparencyHeaders(ch *check.C) {
config.Conf.ContactAddress = "test@test.com"
expectedHeaders := map[string]string{
"X-Mailer": config.ServerName,
"X-Gophish-Contact": config.Conf.ContactAddress,
}
campaign := s.createCampaign(ch)
got := s.emailFromFirstMailLog(campaign, ch)
for k, v := range expectedHeaders {
ch.Assert(got.Headers.Get(k), check.Equals, v)
}
}
func (s *ModelsSuite) TestMailLogGenerateOverrideTransparencyHeaders(ch *check.C) {
expectedHeaders := map[string]string{
"X-Mailer": "",
"X-Gophish-Contact": "",
}
smtp := SMTP{
Name: "Test SMTP",
Host: "1.1.1.1:25",
FromAddress: "Foo Bar <foo@example.com>",
UserId: 1,
Headers: []Header{
Header{Key: "X-Gophish-Contact", Value: ""},
Header{Key: "X-Mailer", Value: ""},
},
}
ch.Assert(PostSMTP(&smtp), check.Equals, nil)
campaign := s.createCampaignDependencies(ch)
campaign.SMTP = smtp
ch.Assert(PostCampaign(&campaign, campaign.UserId), check.Equals, nil)
got := s.emailFromFirstMailLog(campaign, ch)
for k, v := range expectedHeaders {
ch.Assert(got.Headers.Get(k), check.Equals, v)
}
}
func (s *ModelsSuite) TestUnlockAllMailLogs(ch *check.C) {
campaign := s.createCampaign(ch)
ms, err := GetMailLogsByCampaign(campaign.Id)
@ -253,21 +299,7 @@ func (s *ModelsSuite) TestURLTemplateRendering(ch *check.C) {
result := campaign.Results[0]
expectedURL := fmt.Sprintf("http://127.0.0.1/%s/?%s=%s", result.Email, RecipientParameter, result.RId)
m := &MailLog{}
err := db.Where("r_id=? AND campaign_id=?", result.RId, campaign.Id).
Find(m).Error
ch.Assert(err, check.Equals, nil)
msg := gomail.NewMessage()
err = m.Generate(msg)
ch.Assert(err, check.Equals, nil)
msgBuff := &bytes.Buffer{}
_, err = msg.WriteTo(msgBuff)
ch.Assert(err, check.Equals, nil)
got, err := email.NewEmailFromReader(msgBuff)
ch.Assert(err, check.Equals, nil)
got := s.emailFromFirstMailLog(campaign, ch)
ch.Assert(got.Subject, check.Equals, expectedURL)
ch.Assert(string(got.Text), check.Equals, expectedURL)
ch.Assert(string(got.HTML), check.Equals, expectedURL)
@ -281,28 +313,13 @@ func (s *ModelsSuite) TestMailLogGenerateEmptySubject(ch *check.C) {
campaign := s.createCampaignDependencies(ch, "") // specify empty subject
// Setup and "launch" our campaign
ch.Assert(PostCampaign(&campaign, campaign.UserId), check.Equals, nil)
result := campaign.Results[0]
m := &MailLog{}
err := db.Where("r_id=? AND campaign_id=?", result.RId, campaign.Id).
Find(m).Error
ch.Assert(err, check.Equals, nil)
msg := gomail.NewMessage()
err = m.Generate(msg)
ch.Assert(err, check.Equals, nil)
expected := &email.Email{
Subject: "",
Text: []byte(fmt.Sprintf("%s - Text", result.RId)),
HTML: []byte(fmt.Sprintf("%s - HTML", result.RId)),
}
msgBuff := &bytes.Buffer{}
_, err = msg.WriteTo(msgBuff)
ch.Assert(err, check.Equals, nil)
got, err := email.NewEmailFromReader(msgBuff)
ch.Assert(err, check.Equals, nil)
got := s.emailFromFirstMailLog(campaign, ch)
ch.Assert(got.Subject, check.Equals, expected.Subject)
}

Loading…
Cancel
Save