feat: change it into CLI

main
Muhammad Daffa 2023-08-14 12:36:19 +07:00
parent 8bd623c6bf
commit 887030ec8d
4 changed files with 112 additions and 36 deletions

9
Dockerfile Normal file
View File

@ -0,0 +1,9 @@
FROM php:8.0-cli
WORKDIR /app
COPY main.php .
RUN apt-get update && apt-get install -y dnsutils
CMD ["php", "main.php"]

View File

@ -1,2 +1,46 @@
# MailSpoof
Simple API to scans SPF, DMARC, DKIM records for issues that could allow email spoofing.
MailSpoof is a simple program that scans SPF and DMARC records for issues that could allow email spoofing.
## Getting Started
Follow these steps to use the MailSpoof tool using Docker:
### Prerequisites
- Docker installed on your system
### Usage
1. Clone this repository:
```
git clone https://github.com/yourusername/YourRepositoryName.git
cd YourRepositoryName
```
2. Build the Docker image:
```
docker build -t mailspoof .
```
3. Run the Docker container and specify the target URL (replace `<url>` with the actual URL):
```
docker run --rm mailspoof <url> [--output=json]
```
Replace `<url>` with the target URL you want to check. You can also include the `--output=json` flag if you want JSON output.
4. Access the output:
To access the output, copy the `output.txt` file from the container to your host system:
```
docker cp <container_id>:/app/output.txt ./output.txt
```
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.

View File

@ -1,35 +0,0 @@
<?php
$param = $_GET["spf"];
$param2 = "_dmarc." . $_GET["dmarc"];
if ($param) {
check($param,"v=spf1");
}
if ($param2) {
check($param2,"v=DMARC1");
}
function check($url, $string) {
$array = dns_get_record($url, DNS_ALL);
for ($i = 0; $i <= count($array) - 1; $i++) {
$nestedarray = $array[$i];
for ($j = 0; $j <= count($nestedarray) - 1; $j++) {
if (array_key_exists("txt", $nestedarray)) {
$str = $nestedarray['txt'];
$search = $string;
if (preg_match("/{$search}/i", $str)) {
echo (prepareAPIResponse("success", $str, "found"));
break;
}
}
}
}
}
function prepareAPIResponse($status='success', $data=null, $msg=null) {
header('content-type: application/json');
return json_encode([
'status'=>$status,
'data'=>$data,
'message'=>$msg
]);
}

58
main.php Normal file
View File

@ -0,0 +1,58 @@
<?php
if ($argc < 2) {
echo "Usage: php script.php <url> [--output=json]\n";
exit(1);
}
$url = $argv[1];
$outputFormat = in_array('--output=json', $argv) ? 'json' : 'text';
$results = [];
check($url, "v=spf1");
check("_dmarc." . $url, "v=DMARC1");
if ($outputFormat === 'json') {
echo json_encode($results, JSON_PRETTY_PRINT) . PHP_EOL;
} else {
displayTextOutput();
}
function check($url, $string) {
global $results;
$txtRecords = dns_get_record($url, DNS_TXT);
$status = "fail";
$data = "";
foreach ($txtRecords as $txtRecord) {
if (preg_match("/{$string}/i", $txtRecord['txt'])) {
$status = "success";
$data = $txtRecord['txt'];
break;
}
}
$recordType = ($string === "v=spf1") ? "SPF" : "DMARC";
$results[] = [
'type' => $recordType,
'status' => $status,
'data' => $data
];
}
function displayTextOutput() {
global $results;
foreach ($results as $result) {
echo "{$result['type']} Records:\n";
if ($result['type'] === 'DMARC' && $result['status'] === 'fail') {
echo "Not Found\n";
} else {
echo "{$result['data']}\n";
}
echo "\n";
}
}