added anti-blocking inline images in "Mass Mailer Attack"

pharaoh1 · Mar 20, 2018 · df230c2 · df230c2
1 parent 0ca44a6
commit df230c2
Showing 1 changed file with 22 additions and 1 deletion.
diff --git a/src/phishing/smtp/client/smtp_web.py b/src/phishing/smtp/client/smtp_web.py
@@ -212,6 +212,17 @@
         if not os.path.isfile(file_format):
             file_format = ""
 
+    inline_files = []
+    while True:
+        yesno = raw_input("Do you want to attach an inline file - [y/n]: ")
+        if yesno.lower() == "y" or yesno.lower() == "yes":
+            inline_file = raw_input(
+                "Enter the path to the inline file you want to attach: ")
+            if os.path.isfile(inline_file):
+                inline_files.append( inline_file )
+        else:
+            break
+
     subject = input(setprompt(["1"], "Email subject"))
     try:
         html_flag = input(
@@ -315,9 +326,19 @@ def mail(to, subject, prioflag1, prioflag2, text):
         fileMsg.set_payload(file(file_format).read())
         email.encoders.encode_base64(fileMsg)
         fileMsg.add_header(
-            'Content-Disposition', 'attachment;filename=%s' % (file_format))
+            'Content-Disposition', 'attachment; filename="%s"' % os.path.basename(file_format) )
         msg.attach(fileMsg)
 
+    for inline_file in inline_files:
+        if inline_file != "":
+            fileMsg = email.mime.base.MIMEBase('application', '')
+            fileMsg.set_payload(file(inline_file).read())
+            email.encoders.encode_base64(fileMsg)
+            fileMsg.add_header(
+                'Content-Disposition', 'inline; filename="%s"' % os.path.basename(inline_file) )
+            fileMsg.add_header( "Content-ID", "<%s>" % os.path.basename(inline_file) )
+            msg.attach(fileMsg)
+
     mailServer = smtplib.SMTP(smtp, port)
 
     io = StringIO()