Thursday, September 29, 2016

Learning Pyyaml

This week I set about learning how to set up a configuration file within a Python project. I decided to go about using a YAML file for this purpose. YAML files provide a very clean way of setting up a configuration file, by allowing you to create groups of fields. These easily manageable groups create a simple method for separating a single configuration file across multiple classes within the same project. There are a few different libraries that allow Python to interact with YAML files, but a majority of people seem to recommend PyYAML. I decided to create a simple YAML file, storing the values that I use to pass into the program as system arguments within the YAML instead. Using a few tutorials online I was easily able to retrieve the values and use them in my href replacer, just as I had with the system arguments. I now plan to work on hooking up the SimpleEmailSpoofer that I mentioned last week to the href replacer in order to easily send emails after they have been created.

Thursday, September 22, 2016

Fun with Python Tools

So I started this week testing out a few different Python tools, just to check if spoofing would be possible or difficult. I found this blog: https://www.cybrary.it/0p3n/email-spoofing/. From there I was able to find a couple of different tools. The first one is able to check whether a domain is spoofable. The second one is a quick script to actually spoof an email. I needed to first set up a postfix server on my computer in order to use the SimpleEmailSpoofer. After a couple of minutes of configuration I was able to successfully spoof an email. Here are the tools I tried out:

https://github.com/BishopFox/spoofcheck
https://github.com/lunarca/SimpleEmailSpoofer

After trying out this tool, I created a simple script that allowed me to replace hrefs within an email. I plan to expand this tool this weekend to swap out multiple areas of an email based on a configuration file, probably using a YAML file as the configuration file. Using this tool I plan on generating a unique ID for each of these emails so we would be able to track user interaction with these emails, before sending these emails out, whether through the SimpleEmailSpoofer or another method.
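
Whether a domain is "spoofable", as mentioned above, comes down to the SPF and DMARC records its owner publishes. The code below is an added example, not code from this blog or from spoofcheck: it grades TXT record strings and lists what a domain owner would need to tighten. The function names and the sample domains and records are assumptions constructed for illustration, and no DNS lookup is performed.

```python
def parse_tags(record):
    """Split a DMARC record such as 'v=DMARC1; p=none' into a tag dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def spf_status(txt_records):
    """Grade the TXT records published at the domain itself."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:  # more than one SPF record is an error for receivers
        return "missing" if not spf else "invalid-multiple"
    terms = spf[0].lower().split()[1:]
    if any(t.startswith("redirect=") for t in terms):
        return "redirect"  # policy lives elsewhere; not resolved offline
    all_terms = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not all_terms:
        return "neutral"  # no 'all' mechanism: unmatched senders are neutral
    # The qualifier before 'all' decides what happens to unlisted senders.
    return {"-": "fail", "~": "softfail", "?": "neutral"}.get(all_terms[0][0], "pass")

def dmarc_status(txt_records):
    """Grade the TXT records published at _dmarc.<domain>."""
    recs = [r for r in txt_records if r.strip().lower().startswith("v=dmarc1")]
    if len(recs) != 1:
        return "missing"
    tags = parse_tags(recs[0])
    if tags.get("p", "").lower() not in ("quarantine", "reject"):
        return "monitor-only"  # p=none only reports, it blocks nothing
    pct = tags.get("pct", "100")  # pct defaults to 100 when absent
    return "enforced" if pct.isdigit() and int(pct) >= 100 else "partial"

def assess(domain_txt, dmarc_txt):
    spf, dmarc = spf_status(domain_txt), dmarc_status(dmarc_txt)
    findings = []
    if spf in ("missing", "invalid-multiple", "neutral", "pass"):
        findings.append(f"SPF {spf}: publish one record ending in -all or ~all")
    if dmarc != "enforced":  # SPF alone does not cover the visible From header
        findings.append(f"DMARC {dmarc}: move to p=quarantine or p=reject at pct=100")
    return {"spf": spf, "dmarc": dmarc, "protected": not findings, "findings": findings}

# Constructed sample records (domain TXT, _dmarc TXT); not real lookups.
SAMPLES = {
    "strict.example": (["v=spf1 include:_spf.mail.example -all"],
                       ["v=DMARC1; p=reject; rua=mailto:dmarc@strict.example"]),
    "monitor.example": (["v=spf1 mx ~all"], ["v=DMARC1; p=none"]),
    "bare.example": (["some-site-verification=abc"], []),
}

if __name__ == "__main__":
    for name, (txt, dmarc_txt) in SAMPLES.items():
        print(name, assess(txt, dmarc_txt))
```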

Tuesday, September 13, 2016

A New Project

School has started once again, and with it comes time to start another project. I plan to work with Keathen on this project and we will be developing some tools for phishing emails. We do not yet have a title for this project. We plan to create software for one of the computer science professors that will be using this for an experiment later this year.
For the first part of the project we will be developing tools to actually allow us to phish more easily. We plan on developing a tool that will allow us to replace all hrefs within an email so we can quickly make a “legitimate” email into a “legitimate-looking” phishing email. In addition we plan on creating a Python web server, using the Twisted framework. This is an event-driven framework that allows us to perform calls on a variety of protocols, compared to just TCP. We hope to use this web server as a method for recording data and tracking user engagement with our emails. We plan on running this on a virtualized Ubuntu server running at the school. We plan to also write a program so that we can send out, and potentially spoof, emails. We hope to use this program with a CSV full of email addresses. In addition we plan on saving information to this CSV and updating fields as time goes on with the web server.

For the second half of our project we plan on developing a program that can easily take the data we have saved to CSV and received from the web server and put it into an easily readable form. This will allow any clients to easily access this data even if they don’t have an in-depth understanding of the software used to generate and send the phishing emails. This is primarily useful as we eventually plan to have this software used for an experiment.