Email module for social engineering based on Jabra script

git-svn-id: file:///home/svn/framework3/trunk@6163 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-19 01:18:00 +00:00 · 2009-01-19 01:18:00 +00:00 · 14f7a91efb
parent 7ef0ddeec5
commit 14f7a91efb
1 changed files with 126 additions and 0 deletions
--- a/modules/auxiliary/client/smtp/emailer.rb
+++ b/modules/auxiliary/client/smtp/emailer.rb
@ -0,0 +1,126 @@
+
+##
+# This file is part of the Metasploit Framework and may be subject to 
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/projects/Framework/
+##
+
+
+require 'msf/core'
+require 'yaml'
+
+
+class Metasploit3 < Msf::Auxiliary
+
+	#
+	# This module sends email messages via smtp
+	#
+	include Msf::Exploit::Remote::SMTPDeliver
+
+	def initialize(info = {})
+		super(update_info(info,
+			'Name'           => 'Generic Emailer (SMTP)',
+			'Description'    => %q{
+				Based on Jabra spl0it.org email script for social engineering,  
+				this module simply sends emails.
+			},
+			'License'        => MSF_LICENSE,
+			'Version'        => '$Revision$',
+			'References'     =>
+				[
+					[ 'URL', 'http://spl0it.org/' ],
+				],	
+			'Author'         => [ 'et <et[at]metasploit.com>' ]))
+			
+			register_options(
+				[	
+					OptString.new('RHOST', [true, "SMTP server address",'127.0.0.1']),
+					OptString.new('RPORT', [true, "SMTP server port",'25']),
+					OptString.new('MAILTO', [false, "DO NOT MODIFY",'nil@nil.nil']),
+					OptString.new('YAML_CONFIG', [true, "Full path to YAML Configuration file",File.join(Msf::Config.install_root, "data","emailer_config.yaml")]),
+				], self.class)	
+
+	end
+	
+	def run
+		
+		
+		fileconf = File.open(datastore['YAML_CONFIG'])
+		yamlconf = YAML::load(fileconf) 
+		
+		fileto = yamlconf['to'] 
+		from = yamlconf['from']
+		subject = yamlconf['subject']
+		type = yamlconf['type']
+		msg_file = yamlconf['msg_file']
+		wait = yamlconf['wait']
+		add_name = yamlconf['add_name']
+		sig = yamlconf['sig']
+		sig_file = yamlconf['sig_file']
+		attachment = yamlconf['attachment']
+		attachment_file = yamlconf['attachment_file']
+		attachment_file_type = yamlconf['attachment_file_type']
+		attachment_file_name = yamlconf['attachment_file_name']
+		
+		datastore['MAILFROM'] = from
+		
+		msg = File.open(msg_file).read
+
+		email_sig = File.open(sig_file).read
+
+		if (type !~ /text/i and type !~ /text\/html/i)	
+			print_error("YAML config: #{type}")
+		end
+	
+		File.open(fileto).each do |l|
+			if l !~ /\@/
+				nil
+			end
+		
+			nem = l.split(',')
+			name = nem[0].split(' ')
+			fname = name[0]
+			lname = name[1]
+			email = nem[1]
+			
+			
+			print_status("[#{add_name}]")
+			if add_name 
+				email_msg_body = "#{fname},\n\n#{msg}" 			
+			else 
+				email_msg_body = msg
+			end
+
+			if sig
+				data_sig = File.open(sig_file).read
+				email_msg_body = "#{email_msg_body}\n#{data_sig}"
+			end
+			
+			print_status("Emailing #{name} at #{email}")
+
+			mime_msg = Rex::MIME::Message.new
+			mime_msg.mime_defaults
+
+			mime_msg.from = from
+			mime_msg.to = email
+			datastore['MAILTO'] = email
+			mime_msg.subject = subject
+			
+			mime_msg.add_part(Rex::Text.encode_base64(email_msg_body, "\r\n"), type, "base64", "inline")
+				
+			if attachment
+				if attachment_file_name
+					data_attachment = File.open(attachment_file).read
+					mime_msg.add_part(Rex::Text.encode_base64(data_attachment, "\r\n"), attachment_file_type, "base64", "attachment; filename=\"#{attachment_file_name}\"")
+				end
+			end
+			
+			send_message(mime_msg.to_s)		
+		end
+	
+		print_status("Email sent..")
+	end
+ end
+
+