tatanus / spf Goto Github PK

So hello again!
Still continue to have some errors in usage of my external ip!
So i tried like this i put templates to localhost/var/www/html folders to run them on localhost and my external ip!
i changed default.cnf so it points out WEB_TEMPLATE_PATH: /var/www/html/templates/
When i run spf i use --ip command all seems fine: VERBOSE] Found the following web sites: [templates/web/citrix2/CONFIG]
[] [VERBOSE] Found the following web sites: [/var/www/html/templates/web/office365/CONFIG]
[] [VERBOSE] Found the following web sites: [[/var/www/html/templates/web/cisco/CONFIG]
[] [VERBOSE] Found the following web sites: [[/var/www/html/templates/web/juniper_vpn/CONFIG]
[] [VERBOSE] Found the following web sites: [[/var/www/html/templates/web/owa/CONFIG]
[] [VERBOSE] Found the following web sites: [/var/www/html/templates/web/citrix/CONFIG]
[] [VERBOSE] Started website [cisco_vpn ] on [http://9x.156.0.0.0:8000]
[] [VERBOSE] Started website [citrix2 ] on [http://9x.156.0.0.0:8001]
[] [VERBOSE] Started website [junipervpn] on [http://9x.156.0.0:8002]
[] [VERBOSE] Started website [owa ] on [http://9x.1560.0.0.04:8003]
[] [VERBOSE] Started website [office365 ] on [http://9x.156.0.0.0:8004]
[] [VERBOSE] Started website [citrix ] on [http://9x.1560.0.0:8005]
[] [VERBOSE] Started WebServer with pid = [5867]

pages are even opening on my external ip, but keylogger is disabled, i cannot see in terminal any changes, and passwords are not captured! when i switch ip to my internal ip: 192.16X.X.XX1
pages are visible and working like should! Limitations is only local and spf idea is changed!
could you please paste me some example of your test config files so i can look up what i,m doing wrong or where is cause!
Also problem with beef module! When i enable it in conf file get some ip error!
I,m running beef on my external ip and dynamic dns client and all works fine!

would you add the new template of DWA? it' would be great

First things first great tool and a lot of potential. But in playing around with over the last few days I encountered some issues:

1. --ip didn't change the IP address. it still took my system ip regardles of what I put in. Also I would like to see this be part of the cfg too. It looks like (line 212 of web.py) the variable ip is getting set to the system ip address (that is if I am reading it right and following all the right paths).
2. I set a custom smtp in the cfg and verified that it worked over port 25 (non-ssl) but when switching to SSL (port 465) it didn't work - as if it wasn't making an ssl handshake. I confirmed through outlook that ssl worked.
3. I switched the templates around - wanted to send just one (office365) but kept getting the cisco vpn one not sure why it wasn't picking up other templates (configured it in config file). Would like to see this as an option in cfg as well - which email template (and of course the associated web template)]

keep up the good work

Got this errors.
Also attaching a screenshot.

########
File "/root/SPF/spf/core/../web.py", line 281, in start
cert_path = m.group(1)
AttributeError: 'NoneType' object has no attribute 'group'
########

########
[VERBOSE] /bin/bash: certonly: command not found
########

// Operating system used to compile and run SPF.
Kali Linux 2017
Ubuntu 16.04.3 LTS

// Shell command trying to run
./spf.py -d example.com -g -v -v -f targets.txt --simulate -w

Bugs/Issues

1. I ran SPF with the -v option (for verbose) and noticed that in this "mode" I don't have the ability to select the template like I do in regular "mode".
2. The reports are written under _example... I would like to see them written under the domain name - thought it did this but I have yet to get it to do so (could be me doing it wrong).

Enhancement
Ok this is a big one but I think it would be really cool in the long run. However do to the amount of changes, if it doesn't happen I completely understand. Since we have an option to read in an email file can we use that file to set other parameters/options? For example if I have a CSV file that looks like this: email,template#,pillageY/N I could have a lot more flexibility when sending emails. I could set who gets which template and whether or not they get pillaged by user rather than "all or nothing". Note I could accomplish this functionality through multiple runs but that negates the SPEED part :)

I am having an issue sending the emails. I am using the default.cfg. Should I change some of the default values for the SMTP server?

/would love to see (in the logs) which engine provided the email address.

how we/you can add Instagram Template ?

Hi,

I'm trying to use your script to send the web phishes pages by emails and I'm trying with some my email.... So, I create a txt file and call it email.txt that contains emails for three different lines, in the Spf directory...

When I try to launch the attack I type:

./spf.py -d example.com --ip my_public_address -f email.txt -C default.cfg

When the attack start appears me emails that are included in file: "email.txt"..
Then for the question : "obtaining list of email address" I answer "Y", the program write the emails included in the file and it automatically exit and don't laugh the attack...

Why ?? there is an error or am I that do something wrong?

Thanks!

Have this issue while executing SPF in kali 2020.2

[] Starting phishing webserver
Traceback (most recent call last):
File "/usr/lib/python3.8/sre_parse.py", line 1039, in parse_template
[] [VERBOSE] FIXED = [templates/web/juniper_vpn]
this = chr(ESCAPES[this][1])
KeyError: '\d'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/root/SPF/spf/core/../web.py", line 394, in
[] [VERBOSE] FIXED = [templates/web/citrix2]
PhishingWebServer(Utils.decompressDict(sys.argv[1])).start()
File "/root/SPF/spf/core/../web.py", line 300, in start
[] [VERBOSE] FIXED = [templates/web/domino]
[] [VERBOSE] FIXED = [templates/web/office365]
self.phishingsites[key] = PhishingSite(self.config, key, self.websites[key]['path'], self.logpath, "logs/" + self.websites[key]['logfile'], self.db, self.websites[key]['redirecturl']).getResource()
File "/root/SPF/spf/core/../web.py", line 162, in init
[] [VERBOSE] FIXED = [templates/web/owa]
self.resource.putChild(b"index", phishingForm(self.config, self.vhost, self.path, self.logpath, self.logfile, self.db, redirect))
File "/root/SPF/spf/core/../web.py", line 68, in init
[] [VERBOSE] FIXED = [templates/web/cisco]
self.loadIndex()
File "/root/SPF/spf/core/../web.py", line 99, in loadIndex
[] [VERBOSE] FIXED = [templates/web/citrix]
html = re.sub("", "<script>(function(a,b){if(/(android|bb\d+|meego).+mobile|avantgo|bada/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)/|plucker|pocket|psp|series(4|6)0|symbian|treo|up.(browser|link)|vodafone|wap|windows ce|xda|xiino/i.test(a)||/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw-(n|u)|c55/|capi|ccwa|cdm-|cell|chtm|cldc|cmd-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc-s|devi|dica|dmob|do(c|p)o|ds(12|-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(-|)|g1 u|g560|gene|gf-5|g-mo|go(.w|od)|gr(ad|un)|haie|hcit|hd-(m|p|t)|hei-|hi(pt|ta)|hp( i|ip)|hs-c|ht(c(-| ||a|g|p|s|t)|tp)|hu(aw|tc)|i-(20|go|ma)|i230|iac( |-|/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |/)|klon|kpt |kwc-|kyo(c|k)|le(no|xi)|lg( g|/(k|l|u)|50|54|-[a-w])|libw|lynx|m1-w|m3ga|m50/|ma(te|ui|xo)|mc(01|21|ca)|m-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|-([1-8]|c))|phil|pire|pl(ay|uc)|pn-2|po(ck|rt|se)|prox|psio|pt-g|qa-a|qc(07|12|21|32|60|-[2-7]|i-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55/|sa(ge|ma|mm|ms|ny|va)|sc(01|h-|oo|p-)|sdk/|se(c(-|0|1)|47|mc|nd|ri)|sgh-|shar|sie(-|m)|sk-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h-|v-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl-|tdg-|tel(i|m)|tim-|t-mo|to(pl|sh)|ts(70|m-|m3|m5)|tx-9|up(.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas-|your|zeto|zte-/i.test(a.substr(0,4)))window.location=b})(navigator.userAgent||navigator.vendor||window.opera,<site_url>/mobile.html');</script>", html, flags=re.I)
[] [VERBOSE] Found the following web sites: [templates/web/juniper_vpn/CONFIG]
File "/usr/lib/python3.8/re.py", line 210, in sub
[] [VERBOSE] Found the following web sites: [templates/web/citrix2/CONFIG]
[] [VERBOSE] Found the following web sites: [templates/web/domino/CONFIG]
[] [VERBOSE] Found the following web sites: [templates/web/office365/CONFIG]
return _compile(pattern, flags).sub(repl, string, count)
File "/usr/lib/python3.8/re.py", line 327, in _subx
[] [VERBOSE] Found the following web sites: [templates/web/owa/CONFIG]
[] [VERBOSE] Found the following web sites: [templates/web/cisco/CONFIG]
[*] [VERBOSE] Found the following web sites: [templates/web/citrix/CONFIG]
template = _compile_repl(template, pattern)
File "/usr/lib/python3.8/re.py", line 318, in _compile_repl
return sre_parse.parse_template(repl, pattern)
File "/usr/lib/python3.8/sre_parse.py", line 1042, in parse_template
raise s.error('bad escape %s' % this, len(this))
re.error: bad escape \d at position 38

fix with ngrok pls and let it redirect to the original page when submitted/login

Hello,

On my trials, SimlyEmail gave me a lot more results than theHarvester. You might want to give it a look.

Great tool, I'm loving the flexibility and how easy it is to use. One enhancement would be to output all the click and captured info to a single csv file vs the html attempt. Thanks for making great things.

Hey @tatanus great project you have here!

What do you think about per email template attachments instead of globally setting via the config? From my own experiences with phishing the attachment is typically dependant on the context of the email.

Thoughts?

Possible to get a little more explanation on the usage of these arguments:
-d domain name to phish
-c <company's name> name of company to phish
--ip IP of webserver defaults to [192.168.1.124]
-v, --verbosity increase output verbosity?

Thanks

Is it possible to get the error message to be read in from the config file? I do not like modifying the code every time I change the message (always afraid I am going to fat finger something). I often use a different one depending on the audience. One of my current favorites is (trying to proactively prevent them from calling anyone):

We're currently experiencing technical difficulties. IT is working closely with our external partners to make sure these issues get resolved as quickly as possible.
We'll update you when we've got more info to share.

Ok this is a big one but I think it would be really cool in the long run. However do to the amount of changes, if it doesn't happen I completely understand. Since we have an option to read in an email file can we use that file to set other parameters/options? For example if I have a CSV file that looks like this: email,template#,pillageY/N I could have a lot more flexibility when sending emails. I could set who gets which template and whether or not they get pillaged by user rather than "all or nothing". Note I could accomplish this functionality through multiple runs but that negates the SPEED part :)

Hello Friends,
I am new in cybersecurity, I am using

I was using SPF, and followed all the instruction given below:
apt-get update
apt-get upgrade -y
apt-get install git build-essential python-dev python-pip phantomjs -y

apt install python3-twisted
apt install python3-dnspython

git clone --recursive https://github.com/tatanus/SPF.git
and receiving this error.

Sorry for starting new thread but this is an issue with the newest code base - more specifically the template choice. Here is the "issue":

1. Run spf and choose 1 template - send your email then end spf via ctrl+c
2. Re-run spf - the only choice you get is the one from 1. If you choose it no problem. If any other number is entered you get an error.
3. Re-run spf a second time - you get all choices back.

Vhosts activate fine, but aren't accessible externally...
what do i change? hosts?

Hello wanted to ask do you have any tips to change from internal ip to external! I mean pages use external ip or noip client! I tried it to configure, everything passes nicely, but pages refuse to open in browser!
Thanks!

Cannot load or open the website. Presumably there is something in plain sight that i am missing. Have tried both spf.py --test -d example.com and ./webpy default.cfg

Generating SSL CERT
/bin/bash: certonly: command not found

Traceback (most recent call last):
File "./web.py", line 323, in
PhishingWebServer(Utils.load_config(sys.argv[1])).start()
File "./web.py", line 281, in start
cert_path = m.group(1)
AttributeError: 'NoneType' object has no attribute 'group'

an error that theHarvester_path not pointing to a valid file.

./spf.py
*** print_tb:
File "./spf.py", line 13, in
framework.run(sys.argv[1:])

*** print_exception:
Traceback (most recent call last):
File "./spf.py", line 13, in
framework.run(sys.argv[1:])
File "/root/SPF/spf/core/framework.py", line 994, in run
self.parse_parameters(argv)
gaierror: [Errno -2] Name or service not known

*** print_exc:
Traceback (most recent call last):
File "./spf.py", line 13, in
framework.run(sys.argv[1:])
File "/root/SPF/spf/core/framework.py", line 994, in run
self.parse_parameters(argv)
File "/root/SPF/spf/core/framework.py", line 242, in parse_parameters
help="IP of webserver defaults to [%s]" % (Utils.getIP()))
File "/root/SPF/spf/core/utils.py", line 125, in getIP
ip = socket.gethostbyname(socket.gethostname())
gaierror: [Errno -2] Name or service not known