-
Notifications
You must be signed in to change notification settings - Fork 10
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #7 from BLACK-SCORP10/BLACK-SCORP10-patch-1
Update spfvuln.sh
- Loading branch information
Showing
1 changed file
with
112 additions
and
143 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,161 +1,130 @@ | ||
| #!/bin/bash | ||
|
|
||
| # Function to display the tool banner | ||
| function banner() { | ||
| echo "" | ||
| echo -e " \033[0;31mThis Email-Vulnerablity-Checker\e Was Created By \e[1;32mBLACK-SCORP10 \e" | ||
| echo "" | ||
| echo -e "\e[1;34m For Any Queries Join Me!!!\e[0m" | ||
| echo -e "\e[1;32m Telegram: https://t.me/BLACK-SCORP10 \e[0m" | ||
| echo "" | ||
| echo "" | ||
| echo "" | ||
| echo -e " \033[0;31mThis Email Vulnerability Checker v.2.0\e Was Created By \e[1;32mBLACK-SCORP10 \e" | ||
| echo "" | ||
| echo -e "\e[1;34m For Any Queries Join Me!!!\e[0m" | ||
| echo -e "\e[1;32m Telegram: https://t.me/BLACK-SCORP10 \e[0m" | ||
| echo "" | ||
| echo "" | ||
| } | ||
|
|
||
| # Check if the -h option was provided to show the help section | ||
| function usage() { | ||
|
|
||
| echo "" | ||
| echo "Usage: ./spfvuln.sh [-h] [-v] [-t targetfile] [-verbose] [domain]" | ||
| echo "Check if a domain is vulnerable to email spoofing" | ||
| echo "" | ||
| echo " -h | --help Show this help section" | ||
| echo " -v Show the tool version" | ||
| echo " -t | --target <file> Use a text file containing a list of domains to check" | ||
| echo " --verbose Run the tool in verbose mode" | ||
| echo " domain The domain to check (if not using the -t option)" | ||
| echo "" | ||
| echo "Examples: $ ./spfvuln.sh example.com" | ||
| echo " $ ./spfvuln.sh -t targets.txt" | ||
| echo " $ ./spfvuln.sh -t targets.txt --verbose" | ||
| echo " $ ./spfvuln.sh example.com --verbose" | ||
| echo "" | ||
| exit 0 | ||
| } | ||
|
|
||
| function style() { | ||
| local style_left="\e[31m[" | ||
| local style_right="]\e[39m " | ||
| if [[ -n $1 && $1 == "NO SPF" ]]; then | ||
| spf_status="${style_left}$1${style_right}" | ||
| elif [[ -n $1 && $1 == "NO DMARC" ]]; then | ||
| dmarc_status="${style_left}$1${style_right}" | ||
| fi | ||
| } | ||
|
|
||
| function print() { | ||
| local domain=${domain} | ||
|
|
||
| if [[ -n ${1} || -n ${2} ]]; then | ||
|
|
||
| style "$1" | ||
| style "$2" | ||
| echo -e "${spf_status}${dmarc_status} : ${domain} are \e[31mvulnerable\e[39m" | ||
|
|
||
| else | ||
|
|
||
| echo -e "${domain} are \e[1;32mnot vulnerable\e[0m" | ||
|
|
||
| fi | ||
| } | ||
|
|
||
| function log() { | ||
| echo -e "$@" | ||
| if [[ ${VERBOSE} == 1 ]]; then | ||
| echo "SPF record: $spf_record" | ||
| fi | ||
| } | ||
| # Function to check SPF and DMARC configurations and determine vulnerability status | ||
| function check_vulnerability { | ||
| local domain=$1 | ||
| local spf_response=$(nslookup -type=TXT "$domain" | grep -Eo '\s*-all|\s*~all|\s*\+all|\s*\?all|\s*\redirect' || echo "no spf") | ||
|
|
||
| local dmarc_response=$(nslookup -type=TXT "_dmarc.$domain" | grep -Eo '\bp=(reject|quarantine|none)\b|No answer' | head -n1 || echo "No answer") | ||
|
|
||
| # Trim leading and trailing spaces from SPF and DMARC responses | ||
| spf_response=$(echo "$spf_response" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//') | ||
| dmarc_response=$(echo "$dmarc_response" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e 's/^No answer$/No Answer/') | ||
|
|
||
| # Convert "p=" to "no answer" for DMARC records | ||
| if [[ "$dmarc_response" == "p=reject" ]]; then | ||
| dmarc_response="reject" | ||
| elif [[ "$dmarc_response" == "p=quarantine" ]]; then | ||
| dmarc_response="quarantine" | ||
| elif [[ "$dmarc_response" == "p=none" ]]; then | ||
| dmarc_response="none" | ||
| elif [[ "$dmarc_response" == "No Answer" ]]; then | ||
| dmarc_response="No Answer" | ||
| fi | ||
|
|
||
| # Check if the -v option was provided to show the tool version | ||
| function version() { | ||
| echo "Email-Vulnerablity-checker v1.1.1" | ||
| exit 0 | ||
| # Determine vulnerability status based on trimmed SPF and DMARC responses | ||
| case "$spf_response $dmarc_response" in | ||
| "-all reject") vulnerability_status="Not Vulnerable"; color="\033[0;32m";; | ||
| "-all quarantine") vulnerability_status="Less Vulnerable"; color="\033[1;33m";; | ||
| "-all none") vulnerability_status="Vulnerable"; color="\033[0;31m";; | ||
| "-all No Answer") vulnerability_status="Vulnerable"; color="\033[0;31m";; | ||
| "~all reject") vulnerability_status="Less Vulnerable"; color="\033[1;33m";; | ||
| "~all quarantine") vulnerability_status="More Vulnerable"; color="\033[0;31m";; | ||
| "~all none") vulnerability_status="Vulnerable"; color="\033[0;31m";; | ||
| "~all No Answer") vulnerability_status="Vulnerable"; color="\033[0;31m";; | ||
| "+all reject") vulnerability_status="Vulnerable"; color="\033[0;31m";; | ||
| "+all quarantine") vulnerability_status="More Vulnerable"; color="\033[0;31m";; | ||
| "+all none") vulnerability_status="Vulnerable"; color="\033[0;31m";; | ||
| "+all No Answer") vulnerability_status="Vulnerable"; color="\033[0;31m";; | ||
| "?all reject") vulnerability_status="Vulnerable"; color="\033[0;31m";; | ||
| "?all quarantine") vulnerability_status="More Vulnerable"; color="\033[0;31m";; | ||
| "?all none") vulnerability_status="Vulnerable"; color="\033[0;31m";; | ||
| "?all No Answer") vulnerability_status="Vulnerable"; color="\033[0;31m";; | ||
| "no spf reject") vulnerability_status="Vulnerable"; color="\033[0;31m";; | ||
| "no spf quarantine") vulnerability_status="More Vulnerable"; color="\033[0;31m";; | ||
| "no spf none") vulnerability_status="Highly Vulnerable"; color="\033[0;31m";; | ||
| "no spf No Answer") vulnerability_status="Highly Vulnerable"; color="\033[0;31m";; | ||
| *) vulnerability_status="Consider Redirect Mechanism"; color="\033[1;34m";; | ||
| esac | ||
|
|
||
| echo -e "\033[1;36mDomain: $domain - SPF: $spf_response - DMARC: $dmarc_response - Vulnerability Status: $color$vulnerability_status\033[0m" | ||
| } | ||
|
|
||
| spfdmarc_checker(){ | ||
| # Check if the domain has a SPF record | ||
| spf_record=$(dig +short TXT "$domain" | grep "v=spf1") | ||
| local spf_vuln="" | ||
| if [ -z "$spf_record" ]; then | ||
| spf_vuln="NO SPF" | ||
| fi | ||
|
|
||
| # Check if the domain has a DMARC record | ||
| dmarc_record=$(dig +short TXT _dmarc."$domain") | ||
| local dmarc_vuln="" | ||
| if [ -z "$dmarc_record" ]; then | ||
| dmarc_vuln="NO DMARC" | ||
| # Main function to parse command line arguments and execute the vulnerability checker | ||
| function main { | ||
| if [[ $# -eq 0 ]]; then | ||
| banner | ||
| echo "Usage: $0 [-h | --help] [-v] [-t <file> | -d <domain>] [-o <output.txt>]" | ||
| exit 1 | ||
| fi | ||
|
|
||
| print "${spf_vuln}" "${dmarc_vuln}" "${domain}" | ||
| } | ||
|
|
||
| function target() { | ||
| # Check if a target file was provided | ||
| if [ -z "$1" ]; then | ||
| echo "Error: No target file provided, use -h for help" | ||
| exit 1 | ||
| local output_file="" | ||
| local domains_file="" | ||
| local single_domain="" | ||
|
|
||
| while [[ $# -gt 0 ]]; do | ||
| case $1 in | ||
| -h|--help) | ||
| banner | ||
| echo "Usage: $0 [-h | --help] [-v] [-t <file> | -d <domain>] [-o <output.txt>]" | ||
| exit 0 | ||
| ;; | ||
| -v) | ||
| banner | ||
| echo "Version: 2.0" | ||
| exit 0 | ||
| ;; | ||
| -t) | ||
| shift | ||
| domains_file=$1 | ||
| ;; | ||
| -d) | ||
| shift | ||
| single_domain=$1 | ||
| ;; | ||
| -o) | ||
| shift | ||
| output_file=$1 | ||
| ;; | ||
| *) | ||
| echo "Unknown option: $1" | ||
| exit 1 | ||
| ;; | ||
| esac | ||
| shift | ||
| done | ||
|
|
||
| banner | ||
|
|
||
| if [[ -n $domains_file ]]; then | ||
| while IFS= read -r domain; do | ||
| check_vulnerability "$domain" | ||
| done < "$domains_file" | ||
| elif [[ -n $single_domain ]]; then | ||
| check_vulnerability "$single_domain" | ||
| else | ||
| echo "No domain specified. Use either -t for a domains file or -d for a single domain." | ||
| exit 1 | ||
| fi | ||
|
|
||
| # Check if the target file exists | ||
| if [ ! -f "$1" ]; then | ||
| echo "Error: Target file not found, use -h for help" | ||
| exit 1 | ||
| if [[ -n $output_file ]]; then | ||
| exec > "$output_file" | ||
| fi | ||
|
|
||
| # Read the domains from the target file | ||
| while IFS= read -r domain; do | ||
| # Check if the domain is valid using a regular expression | ||
| if ! [[ $domain =~ ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ ]]; then | ||
|
|
||
| echo "Error: Invalid domain '$domain'" | ||
| continue | ||
|
|
||
| else | ||
| spfdmarc_checker | ||
| fi | ||
| done < "$1" | ||
| } | ||
|
|
||
| function single_domain() { | ||
| # Check if the domain is valid using a regular expression | ||
| if ! [[ $1 =~ ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ ]]; then | ||
| echo "Error: Invalid domain '$1'" | ||
| exit 1 | ||
| fi | ||
| spfdmarc_checker | ||
| } | ||
|
|
||
| while [ $# -gt 0 ]; do | ||
| case $1 in | ||
| -h | --help) | ||
| usage | ||
| ;; | ||
| --verbose) | ||
| VERBOSE=1 | ||
| ;; | ||
| -v | --version) | ||
| version | ||
| ;; | ||
| -t | --target) | ||
| target_file="$2" | ||
| ;; | ||
| *) | ||
| domain="$1" | ||
| ;; | ||
| esac | ||
| shift | ||
| done | ||
|
|
||
| banner | ||
|
|
||
| if [[ -n ${target_file} ]]; then | ||
| target "$target_file" | ||
| fi | ||
|
|
||
| if [[ -n ${domain} ]]; then | ||
| single_domain "$domain" | ||
| fi | ||
|
|
||
| exit 0 | ||
| # Call the main function with command line arguments | ||
| main "$@" | ||
|
|
||
| # This code is made and owned by BLACK-SCORP10. | ||
| # Feel free to contact me at https://t.me/BLACK_SCORP10 |