-
Notifications
You must be signed in to change notification settings - Fork 56
/
SpoofThatMail.sh
94 lines (77 loc) · 3.53 KB
/
SpoofThatMail.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
#!/bin/bash
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
help () {
echo "Accepted parameters:\n"
echo "Use -d along with a domain name, example sh SpoofThatMail.sh -d domain.com"
echo "Null string will be detected and ignored\n"
echo "Use -f along with a file containing domain names, example sh SpoofThatMail.sh -f domains.txt"
echo "Note that the path provided for the file must be a valid one\n"
}
check_url () {
domain=$1
retval=0
output=$(nslookup -type=txt _dmarc."$domain")
if [ -n "$(echo "$output" | egrep "\;[^s]*p[s]*\s*=\s*reject\s*")" ];then
echo "$domain is ${GREEN}NOT vulnerable${NC}"
elif [ -n "$(echo "$output" | egrep "\;[^s]*p[s]*\s*=\s*quarantine\s*")" ];then
echo "$domain ${YELLOW}can be vulnerable${NC} (email will be sent to spam)"
elif [ -n "$(echo "$output" | egrep "\;[^s]*p[s]*\s*=\s*none\s*")" ];then
echo "$domain is ${RED}vulnerable${NC}"
retval=1
else
echo "$domain is ${RED}vulnerable${NC} (No DMARC record found)"
retval=1
fi
return $retval
}
check_file () {
input=$1
COUNTER=0
VULNERABLES=0
while IFS= read -r line
do
COUNTER=$((COUNTER=COUNTER+1))
check_url $line
VULNERABLES=$((VULNERABLES=VULNERABLES+$?))
done < $input
echo "\n$VULNERABLES out of $COUNTER domains are ${RED}vulnerable ${NC}"
}
main () {
while getopts d:f: flag
do
case "${flag}" in
f) file=${OPTARG};;
d) domain=${OPTARG};;
esac
done
if [ -n "$domain" ]; then
check_url $domain
elif [ -f "$file" ]; then
check_file $file
else
help
fi
}
echo "
███████╗██████╗ ██████╗ ██████╗ ███████╗
██╔════╝██╔══██╗██╔═══██╗██╔═══██╗██╔════╝
███████╗██████╔╝██║ ██║██║ ██║█████╗
╚════██║██╔═══╝ ██║ ██║██║ ██║██╔══╝
███████║██║ ╚██████╔╝╚██████╔╝██║
╚══════╝╚═╝ ╚═════╝ ╚═════╝ ╚═╝
████████╗██╗ ██╗ █████╗ ████████╗ ███╗ ███╗ █████╗ ██╗██╗
╚══██╔══╝██║ ██║██╔══██╗╚══██╔══╝ ████╗ ████║██╔══██╗██║██║
██║ ███████║███████║ ██║ ██╔████╔██║███████║██║██║
██║ ██╔══██║██╔══██║ ██║ ██║╚██╔╝██║██╔══██║██║██║
██║ ██║ ██║██║ ██║ ██║ ██║ ╚═╝ ██║██║ ██║██║███████╗
╚═╝ ╚═╝ ╚═╝╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝╚═╝ ╚═╝╚═╝╚══════╝ by securihub.com
"
if [ $# != 2 ];then
echo "Wrong execution\n"
help
exit 0
fi
main $@