// PhishTracker tracks emails as they are opened, updating the status for the given Result
func PhishTracker(w http.ResponseWriter, r *http.Request) {
r.ParseForm()
id := r.Form.Get("rid")
if id == "" {
http.NotFound(w, r)
return
}
rs, err := models.GetResult(id)
if err != nil {
http.NotFound(w, r)
return
}
c, err := models.GetCampaign(rs.CampaignId, rs.UserId)
if err != nil {
Logger.Println(err)
}
c.AddEvent(models.Event{Email: rs.Email, Message: models.EVENT_OPENED})
err = rs.UpdateStatus(models.EVENT_OPENED)
if err != nil {
Logger.Println(err)
}
// Update the GeoIP information
ip, _, err := net.SplitHostPort(r.RemoteAddr)
if err == nil {
err = rs.UpdateGeo(ip)
if err != nil {
Logger.Println(err)
}
} else {
Logger.Println(err)
}
w.Write([]byte(""))
}
// PhishHandler handles incoming client connections and registers the associated actions performed
// (such as clicked link, etc.)
func PhishHandler(w http.ResponseWriter, r *http.Request) {
err := r.ParseForm()
if err != nil {
Logger.Println(err)
http.NotFound(w, r)
return
}
id := r.Form.Get("rid")
if id == "" {
http.NotFound(w, r)
return
}
rs, err := models.GetResult(id)
if err != nil {
http.NotFound(w, r)
return
}
rs.UpdateStatus(models.STATUS_SUCCESS)
c, err := models.GetCampaign(rs.CampaignId, rs.UserId)
if err != nil {
Logger.Println(err)
}
p, err := models.GetPage(c.PageId, c.UserId)
if err != nil {
Logger.Println(err)
}
switch {
case r.Method == "GET":
err = c.AddEvent(models.Event{Email: rs.Email, Message: models.EVENT_CLICKED})
if err != nil {
Logger.Println(err)
}
case r.Method == "POST":
// If data was POST'ed, let's record it
// Store the data in an event
d := struct {
Payload url.Values `json:"payload"`
Browser map[string]string `json:"browser"`
}{
Payload: r.Form,
}
rj, err := json.Marshal(d)
if err != nil {
Logger.Println(err)
http.NotFound(w, r)
return
}
c.AddEvent(models.Event{Email: rs.Email, Message: models.EVENT_DATA_SUBMIT, Details: string(rj)})
if err != nil {
Logger.Println(err)
}
}
w.Write([]byte(p.HTML))
}
// PhishTracker tracks emails as they are opened, updating the status for the given Result
func PhishTracker(w http.ResponseWriter, r *http.Request) {
r.ParseForm()
id := r.Form.Get("rid")
if id == "" {
Logger.Println("Missing Result ID")
http.NotFound(w, r)
return
}
rs, err := models.GetResult(id)
if err != nil {
Logger.Println("No Results found")
http.NotFound(w, r)
return
}
c, err := models.GetCampaign(rs.CampaignId, rs.UserId)
if err != nil {
Logger.Println(err)
}
// Don't process events for completed campaigns
if c.Status == models.CAMPAIGN_COMPLETE {
http.NotFound(w, r)
return
}
c.AddEvent(models.Event{Email: rs.Email, Message: models.EVENT_OPENED})
// Don't update the status if the user already clicked the link
// or submitted data to the campaign
if rs.Status == models.STATUS_SUCCESS {
http.ServeFile(w, r, "static/images/pixel.png")
return
}
err = rs.UpdateStatus(models.EVENT_OPENED)
if err != nil {
Logger.Println(err)
}
ip, _, err := net.SplitHostPort(r.RemoteAddr)
if err != nil {
Logger.Println(err)
return
}
// Respect X-Forwarded headers
if fips := r.Header.Get("X-Forwarded-For"); fips != "" {
ip = strings.Split(fips, ", ")[0]
}
// Handle post processing such as GeoIP
err = rs.UpdateGeo(ip)
if err != nil {
Logger.Println(err)
}
http.ServeFile(w, r, "static/images/pixel.png")
}
// API_Campaigns_Id returns details about the requested campaign. If the campaign is not
// valid, API_Campaigns_Id returns null.
func API_Campaigns_Id(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
id, _ := strconv.ParseInt(vars["id"], 0, 64)
c, err := models.GetCampaign(id, ctx.Get(r, "user_id").(int64))
if err != nil {
JSONResponse(w, models.Response{Success: false, Message: "Campaign not found"}, http.StatusNotFound)
return
}
switch {
case r.Method == "GET":
JSONResponse(w, c, http.StatusOK)
case r.Method == "DELETE":
err = models.DeleteCampaign(id)
if err != nil {
JSONResponse(w, models.Response{Success: false, Message: "Error deleting campaign"}, http.StatusInternalServerError)
return
}
JSONResponse(w, models.Response{Success: true, Message: "Campaign deleted successfully!"}, http.StatusOK)
}
}
// PhishTracker tracks emails as they are opened, updating the status for the given Result
func PhishTracker(w http.ResponseWriter, r *http.Request) {
r.ParseForm()
id := r.Form.Get("rid")
if id == "" {
http.NotFound(w, r)
return
}
rs, err := models.GetResult(id)
if err != nil {
http.NotFound(w, r)
return
}
c, err := models.GetCampaign(rs.CampaignId, rs.UserId)
if err != nil {
Logger.Println(err)
}
c.AddEvent(models.Event{Email: rs.Email, Message: models.EVENT_OPENED})
// Don't update the status if the user already clicked the link
// or submitted data to the campaign
if rs.Status == models.STATUS_SUCCESS {
w.Write([]byte(""))
return
}
err = rs.UpdateStatus(models.EVENT_OPENED)
if err != nil {
Logger.Println(err)
}
// Update the GeoIP information
ip, _, err := net.SplitHostPort(r.RemoteAddr)
if err == nil {
err = rs.UpdateGeo(ip)
if err != nil {
Logger.Println(err)
}
} else {
Logger.Println(err)
}
w.Write([]byte(""))
}
// PhishHandler handles incoming client connections and registers the associated actions performed
// (such as clicked link, etc.)
func PhishHandler(w http.ResponseWriter, r *http.Request) {
r.ParseForm()
id := r.Form.Get("rid")
if id == "" {
http.NotFound(w, r)
return
}
rs, err := models.GetResult(id)
if err != nil {
http.NotFound(w, r)
return
}
rs.UpdateStatus(models.STATUS_SUCCESS)
c, err := models.GetCampaign(rs.CampaignId, rs.UserId)
if err != nil {
Logger.Println(err)
}
p, err := models.GetPage(c.PageId, c.UserId)
if err != nil {
Logger.Println(err)
}
c.AddEvent(models.Event{Email: rs.Email, Message: models.EVENT_CLICKED})
w.Write([]byte(p.HTML))
}
// PhishHandler handles incoming client connections and registers the associated actions performed
// (such as clicked link, etc.)
func PhishHandler(w http.ResponseWriter, r *http.Request) {
err := r.ParseForm()
if err != nil {
Logger.Println(err)
http.NotFound(w, r)
return
}
id := r.Form.Get("rid")
if id == "" {
http.NotFound(w, r)
return
}
rs, err := models.GetResult(id)
if err != nil {
http.NotFound(w, r)
return
}
c, err := models.GetCampaign(rs.CampaignId, rs.UserId)
if err != nil {
Logger.Println(err)
}
// Don't process events for completed campaigns
if c.Status == models.CAMPAIGN_COMPLETE {
http.NotFound(w, r)
return
}
rs.UpdateStatus(models.STATUS_SUCCESS)
p, err := models.GetPage(c.PageId, c.UserId)
if err != nil {
Logger.Println(err)
}
d := struct {
Payload url.Values `json:"payload"`
Browser map[string]string `json:"browser"`
}{
Payload: r.Form,
Browser: make(map[string]string),
}
ip, _, err := net.SplitHostPort(r.RemoteAddr)
if err != nil {
Logger.Println(err)
return
}
// Respect X-Forwarded headers
if fips := r.Header.Get("X-Forwarded-For"); fips != "" {
ip = strings.Split(fips, ", ")[0]
}
// Handle post processing such as GeoIP
err = rs.UpdateGeo(ip)
if err != nil {
Logger.Println(err)
}
d.Browser["address"] = ip
d.Browser["user-agent"] = r.Header.Get("User-Agent")
rj, err := json.Marshal(d)
if err != nil {
Logger.Println(err)
http.NotFound(w, r)
return
}
switch {
case r.Method == "GET":
err = c.AddEvent(models.Event{Email: rs.Email, Message: models.EVENT_CLICKED, Details: string(rj)})
if err != nil {
Logger.Println(err)
}
case r.Method == "POST":
// If data was POST'ed, let's record it
// Store the data in an event
c.AddEvent(models.Event{Email: rs.Email, Message: models.EVENT_DATA_SUBMIT, Details: string(rj)})
if err != nil {
Logger.Println(err)
}
// Redirect to the desired page
if p.RedirectURL != "" {
http.Redirect(w, r, p.RedirectURL, 302)
return
}
}
var htmlBuff bytes.Buffer
tmpl, err := template.New("html_template").Parse(p.HTML)
if err != nil {
Logger.Println(err)
http.NotFound(w, r)
}
f, err := mail.ParseAddress(c.SMTP.FromAddress)
if err != nil {
Logger.Println(err)
}
fn := f.Name
if fn == "" {
fn = f.Address
}
rsf := struct {
models.Result
URL string
From string
}{
rs,
c.URL + "?rid=" + rs.RId,
fn,
}
err = tmpl.Execute(&htmlBuff, rsf)
if err != nil {
Logger.Println(err)
http.NotFound(w, r)
}
w.Write(htmlBuff.Bytes())
}