Added unit tests for attachment variables

models/attachment.go

@@ -34,7 +34,7 @@ func (a Attachment) ValidateAttachment() error {
 		URL:         "http://testurl.com/?rid=1234567",
 		TrackingURL: "http://testurl.local/track?rid=1234567",
 		Tracker:     "<img alt='' style='display: none' src='http://testurl.local/track?rid=1234567'/>",
-		From:        "From Address",
+		From:        "Foobus Barbus",
 		RId:         "1234567",
 	}
 

models/attachment_test.go

@@ -0,0 +1,68 @@
+package models
+
+import (
+	"bufio"
+	"encoding/base64"
+	"fmt"
+	"io/ioutil"
+	"log"
+	"os"
+	"path/filepath"
+
+	"gopkg.in/check.v1"
+)
+
+func (s *ModelsSuite) TestAttachment(c *check.C) {
+	ptx := PhishingTemplateContext{
+		BaseRecipient: BaseRecipient{
+			FirstName: "Foo",
+			LastName:  "Bar",
+			Email:     "foo@bar.com",
+			Position:  "Space Janitor",
+		},
+		BaseURL:     "http://testurl.com",
+		URL:         "http://testurl.com/?rid=1234567",
+		TrackingURL: "http://testurl.local/track?rid=1234567",
+		Tracker:     "<img alt='' style='display: none' src='http://testurl.local/track?rid=1234567'/>",
+		From:        "From Address",
+		RId:         "1234567",
+	}
+
+	files, err := ioutil.ReadDir("testdata")
+	if err != nil {
+		log.Fatalf("Failed to open attachment folder 'testdata': %v\n", err)
+	}
+	for _, ff := range files {
+		if !ff.IsDir() {
+			fname := ff.Name()
+			fmt.Printf("Checking attachment file -> %s\n", fname)
+			f, err := os.Open("testdata/" + fname)
+			if err != nil {
+				log.Fatalf("Failed to open attachment test file '%s': %v\n", fname, err)
+			}
+			reader := bufio.NewReader(f)
+			content, err := ioutil.ReadAll(reader)
+			if err != nil {
+				log.Fatalf("Failed to read attachment test file '%s': %v\n", fname, err)
+			}
+
+			data := ""
+			if filepath.Ext(fname) == ".b64" {
+				data = string(content)
+				fname = fname[:len(fname)-4]
+			} else {
+				data = base64.StdEncoding.EncodeToString(content)
+			}
+
+			a := Attachment{
+				Content: data,
+				Name:    fname,
+			}
+
+			_, err = a.ApplyTemplate(ptx)
+			c.Assert(err, check.Equals, nil)
+
+		}
+	}
+
+}

models/testdata/html-file-with-vars.html

@@ -0,0 +1,13 @@
+<html>
+<head><title>Page for {{.FirstName}}</title></head>
+
+<body>
+
+Hello {{.FirstName}} {{.LastName}} <p>
+
+
+Click <a href="{{.URL}}">here</a> for a legit link.
+
+</body>
+{{.Tracker}}
+</html>

models/testdata/html-file-without-vars.html

@@ -0,0 +1,9 @@
+<html>
+<head><title>There are no variables here.</title></head>
+
+<body>
+
+There are no vars in this file.
+
+</body>
+</html>

models/testdata/text-file-with-vars.txt

@@ -0,0 +1,19 @@
+The target's unique ID: {{.RId}}
+
+The target's first name: {{.FirstName}}
+
+The target's last name: {{.LastName}}
+
+The target's position: {{.Position}}
+
+The target's email address: {{.Email}}
+
+The spoofed sender: {{.From}}
+
+The URL to the tracking handler: {{.TrackingURL}}
+
+An alias for tracker image: {{.Tracker}}
+
+The phishing URL: {{.URL}}
+
+The base URL with the path and rid parameter stripped. Useful for making links to static files: {{.BaseURL}}

models/testdata/text-file-without-vars.txt

@@ -0,0 +1,11 @@
+There are no variables in this file.
+
+Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec fermentum rhoncus mi, nec tristique nulla. Cras nec tempus ligula, non vulputate tellus. Maecenas lobortis quam quis diam tempus pellentesque. Nullam id elit lobortis, dictum purus quis, aliquam dui. Sed maximus tempus accumsan. Praesent a velit leo. Fusce malesuada dui lacus, sed auctor elit luctus sed. Pellentesque convallis commodo justo, eu lacinia leo aliquet sed. Vestibulum id lectus fermentum, porta odio vel, laoreet metus. Morbi sit amet mattis est. Suspendisse sem justo, viverra ullamcorper metus sit amet, porttitor efficitur tellus. Duis odio libero, scelerisque eget tempus a, vulputate in enim. Nunc ut erat quis dolor auctor ultricies.
+
+Suspendisse odio purus, luctus ut placerat nec, consectetur id nisl. Morbi sit amet interdum dolor, sed volutpat enim. Proin sit amet quam eros. Suspendisse placerat nisl ut lorem facilisis ullamcorper. Ut et leo consequat, pulvinar est vitae, tempus sem. Nullam hendrerit efficitur viverra. Nam pellentesque non tellus ac ullamcorper. Vivamus elementum felis eget ornare finibus. Donec sit amet purus id est congue vulputate ac quis enim. Duis ut enim libero.
+
+Duis dictum dolor ante. Nulla consequat varius dolor sed rutrum. Integer dictum consequat volutpat. Aenean fringilla ex id mauris consectetur maximus. Vivamus suscipit odio non leo congue, quis hendrerit lacus luctus. Nulla facilisi. Aliquam nec ipsum suscipit, pulvinar sapien et, bibendum ante. Nunc auctor velit ac varius eleifend. Fusce viverra cursus tristique. Morbi ornare ipsum odio, aliquet auctor neque vestibulum vitae. Praesent in turpis urna. Cras vel enim id risus iaculis dapibus bibendum mollis velit. Morbi vel quam ac odio ullamcorper aliquam eget id ex. Nulla facilisi. Morbi in ex quis felis ullamcorper laoreet vel eget ex. Aenean ultricies quam tortor, non molestie enim rutrum eu.
+
+Cras ipsum neque, pretium nec ornare eget, lacinia id magna. Praesent gravida neque orci, id pellentesque nisl ultricies ut. Etiam accumsan imperdiet accumsan. Suspendisse quis consequat arcu. Cras id nisi at augue ultrices faucibus et sit amet quam. Vivamus nec orci viverra, efficitur velit et, consequat urna. Etiam imperdiet vestibulum velit, in convallis mauris consequat ac. Nullam non egestas tortor, eget sagittis tortor. Etiam in lacinia urna. Nullam interdum lacus ut ullamcorper ornare. Vestibulum tincidunt nulla tincidunt, venenatis tellus vel, placerat tellus. Nam sit amet leo volutpat sapien varius fringilla iaculis sed sapien. Praesent accumsan, urna quis tincidunt pharetra, augue nisi iaculis odio, sed rhoncus purus mi vel est. Sed ac diam diam. Morbi ut pellentesque elit.
+
+Maecenas varius orci neque, eget feugiat mi dignissim sit amet. Donec ac euismod arcu, id ornare sem. Curabitur egestas lorem vitae mi molestie venenatis. Aenean volutpat sapien libero, sit amet varius ipsum dapibus in. Sed aliquam ante quis turpis varius, ornare vulputate nisi bibendum. Cras eget pharetra lorem. Nulla at odio lacinia, vestibulum lacus vitae, luctus ligula. Sed tincidunt dolor vitae ex feugiat fermentum.