Project author: dsnezhkov

Project description:
DeepSea Phishing Gear
Language: Go
Project URL: git://github.com/dsnezhkov/deepsea.git
Created: 2019-04-15T17:57:22Z
Project community: https://github.com/dsnezhkov/deepsea

License: Apache License 2.0


DeepSea Phishing Gear

DeepSea phishing gear aims to help RTOs and pentesters with the delivery of opsec-tight,
flexible email phishing campaigns carried out on the outside as well as on the inside of a perimeter.

Goals

  • Operate with a minimal footprint deep inside enterprises (Internal phish delivery).
  • Seamlessly operate with external and internal mail providers (e.g. O365, Gmail, on-prem mail servers)
  • Quickly re-target connectivity parameters.
  • Flexibly add headers, targets, attachments
  • Correctly format and inline email templates, images and multipart messages.
  • Use content templates for personalization
  • Account for various secure email communication parameters
  • Clearly separate artifacts, mark databases and content delivery for multiple (parallel or sequential) phishing campaigns.
  • Help create content with minimal dependencies. Embedded tools to support Markdown->HTML->TXT workflow.

45 config lines is all you need to consistently send a decent phish …


Usage

Read more here

Build

    cd ~/go/src/
    export GOPATH=~/go
    git clone https://github.com/dsnezhkov/deepsea
    cd deepsea
    export GO111MODULE=on
    go get
    go build -o deepsea main.go

Operations

Setup campaigns workspace

    mkdir -p campaigns/campaign1
    cp conf/template.yaml campaigns/campaign1/campaign1.yaml
    cd campaigns/campaign1

Set Workspace tasks

  • edit campaign.yaml (see descriptions of directives in the template)
  • edit marks.csv

      ident,email,firstname,lastname
      <dynamic>,user@gmail.com,,

Load Marks

Note: Manual step (TBD for resolution):

  • Create DB file: touch campaign.db
  • load marks from CSV (command-line params shown, but they could also be defined in the yml)

      ../../deepsea --config campaign1.yaml storage -d ./campaign.db load -s ./marks.csv

Alternatively, split db management tasks:

  • create DB

      ../../deepsea --config campaign1.yaml storage -d ./campaign.db manager -T createtable
      Using config file: ./campaign1.yaml
      2019/11/18 13:16:16 Task: createtable
      2019/11/18 13:16:16 Creating Marks table

  • load marks from CSV

      ../../deepsea --config campaign1.yaml storage -d ./campaign.db load -s ./marks.csv
      Using config file: ./campaign.yaml
      2019/11/18 13:21:11 Dropping table Mark if exists
      2019/11/18 13:21:11 Creating Marks table
      2019/11/18 13:21:11 Pointing to mark table
      2019/11/18 13:21:11 Removing existing rows if any
      2019/11/18 13:21:11 Inserting a row
      2019/11/18 13:21:11 Querying for result : find()
      2019/11/18 13:21:11 Getting all results
      2019/11/18 13:21:11 Printing Marks
      vobi97v7, user@gmail.com, , .

  • you can verify the marks are loaded

      ../../deepsea --config ./campaign.yaml storage -d ./campaign.db manager -T showmarks
      Using config file: ./campaign.yaml
      2019/11/18 13:22:17 Task: showmarks
      2019/11/18 13:22:17 Querying for result : find()
      -= Table: Marks =-
      vobi97v7, user@gmail.com, , .

Create Content

Two methods: templated and hand-rolled

Templated
  1. Get a decent HTML template
     Ex: wget https://raw.githubusercontent.com/leemunroe/responsive-html-email-template/master/email.html
  2. Write content
     Introduce key/value pairs from the yml's template-data/dictonary and interpolate them in the template
  3. Inline CSS (if needed) when done with the template (.htpl)

      ../../deepsea mailclient --config ./campaign.yaml content inline

  4. Create a TXT version from the HTML version (.ttpl)

      ../../deepsea mailclient --config ./campaign.yaml content multipart

Hand rolled. Tools

DeepSea provides tools to help roll your own HTML. Most likely you might want to:

  • Create HTML snippets from Markdown for fast prototyping
  • HTML to TEXT for seeing how HTML structure looks in terminal and multipart testing
  • Inline CSS Styling for older clients
  • Multipart messages

Example (MD2HTML):

    ../../deepsea mailclient --config ./campaign.yaml content md2html -M ./campaigns/campaign1.md -H ./campaigns/campaign1.html
    #STDOUT
    ../../deepsea mailclient --config ./campaign.yaml content md2html -M ./campaigns/campaign1.md

    ../../deepsea mailclient --config ./campaign.yaml content html2text -K ./campaigns/campaign1.html -L ./campaigns/campaign1.txt

Mail Campaign

    ../../deepsea mailclient --config ./campaign.yaml
    Using config file: ./campaign.yaml
    SMTP Server : smtp.office365.com
    SMTP Port : 587
    SMTP User : user@outlook.com
    SMTP TLS : yes
    From: user@outlook.com
    To: campaign.db
    Subject: Subject.
    Text Template: message.ttpl
    HTML Template: message.htpl
    -= SMTP Authentication Credentials for smtp.office365.com =-
    Enter Password:
    2019/11/18 18:14:18 Pointing to mark table
    2019/11/18 18:14:18 Querying for result : find()
    2019/11/18 18:14:18 Getting all results
    2019/11/18 18:14:18 -= Marks =-
    Emailing: user@gmail.com [id:vobi97v7]

Note: We ask for password on the email provider account interactively for now.

Testing

If you need to run a campaign against test email addresses, you can reload test marks.
For that, just recycle the data in the marks table like so:

    ../../deepsea --config ./campaign.yaml storage manager -T recycletable
    Using config file: ./campaign.yaml
    2019/11/18 18:39:17 Task: recycletable
    2019/11/18 18:39:17 Dropping table Mark if exists
    2019/11/18 18:39:17 Creating Marks table

  • edit marks.csv
  • load test marks

      ../../deepsea --config ./campaign.yaml storage load