4759283117

Build Type

push

github

Committed by GitHub

Commit Message

Merge pull request #123 from cisagov/lineage/skeleton

Run Details

141 of 473 branches covered (29.81%)

Branch coverage included in aggregate %.

9 of 24 new or added lines in 10 files covered. (37.5%)

223 existing lines in 5 files now uncovered.

298 of 1270 relevant lines covered (23.46%)

1.41 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/tools/gophish_test.py

"""Send a duplicate assessment from Gophish to custom targets as a test.

Usage:
  Gophish-test [--log-level=LEVEL] ASSESSMENT_ID SERVER API_KEY
  Gophish-test (-h | --help)
  Gophish-test --version

Options:
  API_KEY                   Gophish API key.
  ASSESSMENT_ID             ID of the assessment to test.
  SERVER                    Full URL to Gophish server.
  -h --help                 Show this screen.
  --version                 Show version.
  -l --log-level=LEVEL      If specified, then the log level will be set to
                            the specified value.  Valid values are "debug", "info",
                            "warning", "error", and "critical". [default: info]

NOTE:
  * The test assessment is an exact copy of the real assessment that will be immediately sent
  to the custom targets provided in this tool.
"""

# Standard Python Libraries
import logging
import sys
from typing import Dict

# Third-Party Libraries
from docopt import docopt

# No type stubs exist for gophish, so we add "type: ignore" to tell mypy to
# ignore this library
from gophish.models import SMTP, Campaign, Group, Page, Template, User  # type: ignore
import urllib3

# cisagov Libraries
from tools.connect import connect_api
from util.input import get_input
from util.validate import validate_email

from ._version import __version__

# Disable "Insecure Request" warning: Gophish uses a self-signed certificate
# as default for https connections, which can not be  verified by a third
# party; thus, an SSL insecure request warning is produced.
urllib3.disable_warnings()


def get_campaigns(api, assessment_id):
    """Return a list of all campaigns in an assessment."""
    logging.info("Gathering Campaigns")
    allCampaigns = api.campaigns.get()
    assessmentCampaigns = list()

    for campaign in allCampaigns:
        if campaign.name.startswith(assessment_id):
            assessmentCampaigns.append(campaign)

    # Sets err to true if assessmentCampaigns has 0 length.
    logging.debug("Num Campaigns: %d", len(assessmentCampaigns))
    if not len(assessmentCampaigns):
        logging.warning("No Campaigns found for %s", assessment_id)

    return assessmentCampaigns


def add_group(api, assessment_id):
    """Create a test group."""
    logging.info("Adding Test Group")

    newGroup = Group()

    newGroup.name = "Test-" + assessment_id

    # Holds list of Users to be added to group.
    targets = list()

    target = User()
    target.first_name = get_input("Enter First Name: ")
    # Receives the file name and checks if it exists.
    while target.first_name != "done" or target.first_name == "":

        target.last_name = get_input("Enter Last Name: ")

        while True:
            target.email = get_input("Enter Email: ")
            if not validate_email(target.email):
                print("In Valid Email")
            else:
                break

        target.position = get_input("Enter Org: ")

        targets.append(target)

        target = User()
        target.first_name = get_input("Enter First Name or 'done': ")

    newGroup.targets = targets

    newGroup = api.groups.post(newGroup)

    return newGroup.name


def campaign_test(api, assessmentCampaigns, assessment_id):
    """Create test campaigns."""
    tempGroups = [Group(name=add_group(api, assessment_id))]

    for campaign in assessmentCampaigns:
        tempUrl = campaign.url
        tempName = "Test-" + campaign.name
        tempPage = Page(name=campaign.page.name)
        tempTemplate = Template(name=campaign.template.name)
        tempSmtp = SMTP(name=campaign.smtp.name)

        postCampaign = Campaign(
            name=tempName,
            groups=tempGroups,
            page=tempPage,
            template=tempTemplate,
            smtp=tempSmtp,
            url=tempUrl,
        )

        postCampaign = api.campaigns.post(postCampaign)
        logging.debug("Test Campaign added: %s", postCampaign.name)

    logging.info("All Test campaigns added.")

    return True


def main() -> None:
    """Set up logging, connect to API, load all test data."""
    args: Dict[str, str] = docopt(__doc__, version=__version__)

    # Set up logging
    log_level = args["--log-level"]
    try:
        logging.basicConfig(
            format="\n%(levelname)s: %(message)s", level=log_level.upper()
        )
    except ValueError:
        logging.critical(
            '"%s" is not a valid logging level.  Possible values are debug, info, warning, and error.',
            log_level,
        )
        sys.exit(1)

    # Connect to API
    try:
        api = connect_api(args["API_KEY"], args["SERVER"])
        logging.debug("Connected to: %s", args["SERVER"])
    except Exception as e:
        logging.critical(e.args[0])
        sys.exit(1)

    assessmentCampaigns = get_campaigns(api, args["ASSESSMENT_ID"])

    if len(assessmentCampaigns) > 0:
        campaign_test(api, assessmentCampaigns, args["ASSESSMENT_ID"])

    # Stop logging and clean up
    logging.shutdown()

1	"""Send a duplicate assessment from Gophish to custom targets as a test.
2
3	Usage:
4	Gophish-test [--log-level=LEVEL] ASSESSMENT_ID SERVER API_KEY
5	Gophish-test (-h \| --help)
6	Gophish-test --version
7
8	Options:
9	API_KEY Gophish API key.
10	ASSESSMENT_ID ID of the assessment to test.
11	SERVER Full URL to Gophish server.
12	-h --help Show this screen.
13	--version Show version.
14	-l --log-level=LEVEL If specified, then the log level will be set to
15	the specified value. Valid values are "debug", "info",
16	"warning", "error", and "critical". [default: info]
17
18	NOTE:
19	* The test assessment is an exact copy of the real assessment that will be immediately sent
20	to the custom targets provided in this tool.
21	"""
22
23	# Standard Python Libraries
24	import logging	×
25	import sys	×
26	from typing import Dict	×
27
28	# Third-Party Libraries
29	from docopt import docopt	×
30
31	# No type stubs exist for gophish, so we add "type: ignore" to tell mypy to
32	# ignore this library
NEW 33	from gophish.models import SMTP, Campaign, Group, Page, Template, User # type: ignore	×
NEW 34	import urllib3	×
35
36	# cisagov Libraries
37	from tools.connect import connect_api	×
UNCOV 38	from util.input import get_input	×
UNCOV 39	from util.validate import validate_email	×
40
41	from ._version import __version__	×
42
43	# Disable "Insecure Request" warning: Gophish uses a self-signed certificate
44	# as default for https connections, which can not be verified by a third
45	# party; thus, an SSL insecure request warning is produced.
NEW 46	urllib3.disable_warnings()	×
47
48
49	def get_campaigns(api, assessment_id):	×
50	"""Return a list of all campaigns in an assessment."""
UNCOV 51	logging.info("Gathering Campaigns")	×
52	allCampaigns = api.campaigns.get()	×
UNCOV 53	assessmentCampaigns = list()	×
54
55	for campaign in allCampaigns:	×
56	if campaign.name.startswith(assessment_id):	×
UNCOV 57	assessmentCampaigns.append(campaign)	×
58
59	# Sets err to true if assessmentCampaigns has 0 length.
60	logging.debug("Num Campaigns: %d", len(assessmentCampaigns))	×
UNCOV 61	if not len(assessmentCampaigns):	×
UNCOV 62	logging.warning("No Campaigns found for %s", assessment_id)	×
63
64	return assessmentCampaigns	×
65
66
67	def add_group(api, assessment_id):	×
68	"""Create a test group."""
UNCOV 69	logging.info("Adding Test Group")	×
70
UNCOV 71	newGroup = Group()	×
72
UNCOV 73	newGroup.name = "Test-" + assessment_id	×
74
75	# Holds list of Users to be added to group.
76	targets = list()	×
77
UNCOV 78	target = User()	×
79	target.first_name = get_input("Enter First Name: ")	×
80	# Receives the file name and checks if it exists.
81	while target.first_name != "done" or target.first_name == "":	×
82
UNCOV 83	target.last_name = get_input("Enter Last Name: ")	×
84
85	while True:
86	target.email = get_input("Enter Email: ")	×
UNCOV 87	if not validate_email(target.email):	×
UNCOV 88	print("In Valid Email")	×
89	else:
90	break	×
91
UNCOV 92	target.position = get_input("Enter Org: ")	×
93
UNCOV 94	targets.append(target)	×
95
UNCOV 96	target = User()	×
97	target.first_name = get_input("Enter First Name or 'done': ")	×
98
99	newGroup.targets = targets	×
100
UNCOV 101	newGroup = api.groups.post(newGroup)	×
102
UNCOV 103	return newGroup.name	×
104
105
106	def campaign_test(api, assessmentCampaigns, assessment_id):	×
107	"""Create test campaigns."""
UNCOV 108	tempGroups = [Group(name=add_group(api, assessment_id))]	×
109
UNCOV 110	for campaign in assessmentCampaigns:	×
111	tempUrl = campaign.url	×
UNCOV 112	tempName = "Test-" + campaign.name	×
113	tempPage = Page(name=campaign.page.name)	×
114	tempTemplate = Template(name=campaign.template.name)	×
115	tempSmtp = SMTP(name=campaign.smtp.name)	×
116
117	postCampaign = Campaign(	×
118	name=tempName,
119	groups=tempGroups,
120	page=tempPage,
121	template=tempTemplate,
122	smtp=tempSmtp,
123	url=tempUrl,
124	)
125
UNCOV 126	postCampaign = api.campaigns.post(postCampaign)	×
UNCOV 127	logging.debug("Test Campaign added: %s", postCampaign.name)	×
128
129	logging.info("All Test campaigns added.")	×
130
UNCOV 131	return True	×
132
133
134	def main() -> None:	×
135	"""Set up logging, connect to API, load all test data."""
UNCOV 136	args: Dict[str, str] = docopt(__doc__, version=__version__)	×
137
138	# Set up logging
139	log_level = args["--log-level"]	×
UNCOV 140	try:	×
UNCOV 141	logging.basicConfig(	×
142	format="\n%(levelname)s: %(message)s", level=log_level.upper()
143	)
144	except ValueError:	×
UNCOV 145	logging.critical(	×
146	'"%s" is not a valid logging level. Possible values are debug, info, warning, and error.',
147	log_level,
148	)
UNCOV 149	sys.exit(1)	×
150
151	# Connect to API
152	try:	×
UNCOV 153	api = connect_api(args["API_KEY"], args["SERVER"])	×
UNCOV 154	logging.debug("Connected to: %s", args["SERVER"])	×
155	except Exception as e:	×
156	logging.critical(e.args[0])	×
157	sys.exit(1)	×
158
159	assessmentCampaigns = get_campaigns(api, args["ASSESSMENT_ID"])	×
160
UNCOV 161	if len(assessmentCampaigns) > 0:	×
162	campaign_test(api, assessmentCampaigns, args["ASSESSMENT_ID"])	×
163
164	# Stop logging and clean up
165	logging.shutdown()	×

cisagov / gophish-tools / 4759283117

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous