From 60c8ad83f483884d2ef7acbf3eb20d988706a0f1 Mon Sep 17 00:00:00 2001 From: TrustedSec Date: Mon, 27 Jun 2016 11:01:46 -0400 Subject: [PATCH] pep8 formatting for phishing --- src/phishing/smtp/client/smtp_client.py | 26 ++++++---- src/phishing/smtp/client/smtp_web.py | 64 ++++++++++++++++--------- 2 files changed, 59 insertions(+), 31 deletions(-) diff --git a/src/phishing/smtp/client/smtp_client.py b/src/phishing/smtp/client/smtp_client.py index 4e353038d..0a73f8c20 100644 --- a/src/phishing/smtp/client/smtp_client.py +++ b/src/phishing/smtp/client/smtp_client.py @@ -13,8 +13,10 @@ import base64 import thread # python 2 to 3 fix -try: from cStringIO import StringIO -except NameError: from io import StringIO +try: + from cStringIO import StringIO +except NameError: + from io import StringIO from email.MIMEMultipart import MIMEMultipart from email.MIMEBase import MIMEBase from email.MIMEText import MIMEText @@ -74,23 +76,26 @@ for line in sendmail_file: email_provider = line.replace("EMAIL_PROVIDER=", "").lower() # support smtp for gmail - ## Issue ## Set reports the email as successfully sent but I haven't had any success with it + # Issue ## Set reports the email as successfully sent but I haven't had + # any success with it if email_provider == "gmail": if sendmail == 0: smtp = ("smtp.gmail.com") port = ("587") - print_status("If you are using GMAIL - you will need to need to create an application password: https://support.google.com/accounts/answer/6010255?hl=en") + print_status( + "If you are using GMAIL - you will need to need to create an application password: https://support.google.com/accounts/answer/6010255?hl=en") # support smtp for yahoo if email_provider == "yahoo": if sendmail == 0: smtp = ("smtp.mail.yahoo.com") - port = ("587") #This was previously 465 and changed to 587 + port = ("587") # This was previously 465 and changed to 587 # support smtp for hotmail if email_provider == "hotmail": if sendmail == 0: - smtp = ("smtp.live.com") #smtp.hotmail.com is no longer in use + smtp = ("smtp.live.com") + # smtp.hotmail.com is no longer in use port = ("587") # DEFINE METASPLOIT PATH @@ -136,7 +141,8 @@ if not os.path.isfile(setdir + "/template.pdf"): if not os.path.isfile(setdir + "/template.rtf"): if not os.path.isfile(setdir + "/template.mov"): print("No previous payload created.") - file_format = input(setprompt(["1"], "Enter the file to use as an attachment")) + file_format = input( + setprompt(["1"], "Enter the file to use as an attachment")) if not os.path.isfile("%s" % (file_format)): while 1: print_error("ERROR:FILE NOT FOUND. Try Again.") @@ -304,7 +310,8 @@ if option1 == '2': if option1 == '99': exit_set() -print(("""\n 1. Use a %s Account for your email attack.\n 2. Use your own server or open relay\n""" % (email_provider))) +print(("""\n 1. Use a %s Account for your email attack.\n 2. Use your own server or open relay\n""" % + (email_provider))) relay = input(setprompt(["1"], "")) counter = 0 # Specify SMTP Option Here @@ -399,7 +406,8 @@ def mail(to, subject, text, attach, prioflag1, prioflag2): mailServer.login(provideruser, pwd) mailServer.sendmail(from_address, to, io.getvalue()) except Exception as e: - print_error("Unable to deliver email. Printing exceptions message below, this is most likely due to an illegal attachment. If using GMAIL they inspect PDFs and is most likely getting caught.") + print_error( + "Unable to deliver email. Printing exceptions message below, this is most likely due to an illegal attachment. If using GMAIL they inspect PDFs and is most likely getting caught.") input("Press {return} to view error message.") print(str(e)) try: diff --git a/src/phishing/smtp/client/smtp_web.py b/src/phishing/smtp/client/smtp_web.py index b3e7a8fff..62212bc4c 100644 --- a/src/phishing/smtp/client/smtp_web.py +++ b/src/phishing/smtp/client/smtp_web.py @@ -10,9 +10,14 @@ import random import time import base64 # fix for python2 to 3 compatibility -try: from cStringIO import StringIO -except NameError: from io import StringIO -import email,email.encoders,email.mime.text,email.mime.base +try: + from cStringIO import StringIO +except NameError: + from io import StringIO +import email +import email.encoders +import email.mime.text +import email.mime.base from email.MIMEMultipart import MIMEMultipart from email.MIMEBase import MIMEBase from email.MIMEText import MIMEText @@ -142,7 +147,8 @@ if option1 == '2': setprompt(["1"], "Path to the file to import into SET")) if not os.path.isfile(filepath): while 1: - print("[!] File not found! Please try again and enter the FULL path to the file.") + print( + "[!] File not found! Please try again and enter the FULL path to the file.") filepath = input( setprompt(["1"], "Path to the file to import into SET")) if os.path.isfile(filepath): @@ -201,8 +207,10 @@ if option1 != "99": file_format = "" yesno = raw_input("Do you want to attach a file - [y/n]: ") if yesno.lower() == "y" or yesno.lower() == "yes": - file_format = raw_input("Enter the path to the file you want to attach: ") - if not os.path.isfile(file_format): file_format = "" + file_format = raw_input( + "Enter the path to the file you want to attach: ") + if not os.path.isfile(file_format): + file_format = "" subject = input(setprompt(["1"], "Email subject")) try: @@ -227,17 +235,28 @@ if option1 != "99": # track email is pulled dynamically from the config as # TRACK_EMAIL_ADDRESSES if track_email.lower() == "on": - print("You have specified to track user email accounts when they are sent. In") - print("order for this to work, you will need to specify the URL within the body") - print("of the email and where you would like to inject the base64 encoded name.") - print("\nWhen a user clicks on the link, the URL Will post back to SET and track") - print("each of the users clicks and who the user was. As an example, say my SET") - print("website is hosted at http://www.trustedsec.com/index.php and I want to track users.") - print("I would type below " + bcolors.BOLD + "http://www.trustedsec.com/index.php?INSERTUSERHERE" + bcolors.ENDC + ". Note that in") - print("order for SET to work, you will need to specify index.php?INSERTUSERHERE. That is the") - print("keyword that SET uses in order to replace the base name with the URL.") - print("\nInsert the FULL url and the " + bcolors.BOLD + "INSERTUSERHERE" + bcolors.ENDC + "on where you want to insert the base64 name.\n\nNOTE: You must have a index.php and a ? mark seperating the user. YOU MUST USE PHP!") - print("\nNote that the actual URL does NOT need to contain index.php but has to be named that for the php code in Apache to work.") + print( + "You have specified to track user email accounts when they are sent. In") + print( + "order for this to work, you will need to specify the URL within the body") + print( + "of the email and where you would like to inject the base64 encoded name.") + print( + "\nWhen a user clicks on the link, the URL Will post back to SET and track") + print( + "each of the users clicks and who the user was. As an example, say my SET") + print( + "website is hosted at http://www.trustedsec.com/index.php and I want to track users.") + print("I would type below " + bcolors.BOLD + + "http://www.trustedsec.com/index.php?INSERTUSERHERE" + bcolors.ENDC + ". Note that in") + print( + "order for SET to work, you will need to specify index.php?INSERTUSERHERE. That is the") + print( + "keyword that SET uses in order to replace the base name with the URL.") + print("\nInsert the FULL url and the " + bcolors.BOLD + "INSERTUSERHERE" + bcolors.ENDC + + "on where you want to insert the base64 name.\n\nNOTE: You must have a index.php and a ? mark seperating the user. YOU MUST USE PHP!") + print( + "\nNote that the actual URL does NOT need to contain index.php but has to be named that for the php code in Apache to work.") print_warning( "IMPORTANT: When finished, type END (all capital) then hit {return} on a new line.") body = input(setprompt( @@ -292,11 +311,12 @@ def mail(to, subject, prioflag1, prioflag2, text): # now attach the file if file_format != "": - fileMsg = email.mime.base.MIMEBase('application', '') - fileMsg.set_payload(file(file_format).read()) - email.encoders.encode_base64(fileMsg) - fileMsg.add_header('Content-Disposition','attachment;filename=%s' % (file_format)) - msg.attach(fileMsg) + fileMsg = email.mime.base.MIMEBase('application', '') + fileMsg.set_payload(file(file_format).read()) + email.encoders.encode_base64(fileMsg) + fileMsg.add_header( + 'Content-Disposition', 'attachment;filename=%s' % (file_format)) + msg.attach(fileMsg) mailServer = smtplib.SMTP(smtp, port)