Raikia / FiercePhish

FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
https://github.com/Raikia/FiercePhish/wiki
GNU General Public License v3.0
1.33k stars 254 forks source link

Inbox not working #68

Open digininja opened 6 years ago

digininja commented 6 years ago

The in app inbox isn't working. Mail is set up correctly and I can see mail landing in /var/spool/mail/fiercephish but nothing is showing in the inbox in the web app. Any ideas?

Raikia commented 6 years ago

This is done via a "cron" (subtask of the primary cron job running) running every minute. The cron executes:

 php /var/www/fiercephish/artisan fp:checkmail

You can try running that command on your own to see what the output is to see if there is an issue there. Aside from that, just ensure the main cron is setup properly (" * /usr/bin/env php /var/www/fiercephish/artisan schedule:run >> /dev/null 2>&1").

The subtask is spawned here: https://github.com/Raikia/FiercePhish/blob/master/app/Console/Kernel.php#L31

And the "check mail" code is here: https://github.com/Raikia/FiercePhish/blob/master/app/Console/Commands/CheckMail.php#L48

I do have better email handling in v2.0 though so this may get fixed with that? We'll see.

digininja commented 6 years ago

This probably explains why it is failing

root@phish:/var/www/fiercephish#  php /var/www/fiercephish/artisan fp:checkmail
Starting email fetch.
Running
Found 4 emails!

  [ErrorException]                           
  Undefined property: stdClass::$message_id  

PHP Fatal error:  Uncaught ErrorException: Unknown: SECURITY PROBLEM: insecure server advertised AUTH=PLAIN (errflg=1) in Unknown:0
Stack trace:
#0 [internal function]: Illuminate\Foundation\Bootstrap\HandleExceptions->handleError(8, 'Unknown: SECURI...', 'Unknown', 0, NULL)
#1 {main}
  thrown in Unknown on line 0
Segmentation fault (core dumped)
digininja commented 6 years ago

This is a stock install using the automated installer so I've not tweaked anything.

Raikia commented 6 years ago

Yeah, so I've seen this once before actually and its caused by an erroneous corrupt email header. I'll put more error checking in the code to fix it on a larger scale, but this is caused because php's imap module (which is horrifically terrible I might add) doesn't find the Message ID header for an email (which is a required header).

Then because the error codes aren't read from the php imap module , php segfaults because for some reason the imap module requires all errors to always be read otherwise it will segfault....lol (hence this: https://github.com/Raikia/FiercePhish/blob/master/app/Console/Commands/CheckMail.php#L110-L111 )

So yeah, the short-term solution for you is to do a "echo '' > /var/spool/mail/fiercephish" but it will remove the existing emails you have in there. The better solution is for me to just handle not finding a message id here: https://github.com/Raikia/FiercePhish/blob/master/app/Console/Commands/CheckMail.php#L77 . I will implement this fix shortly.

digininja commented 6 years ago

Still failing. I cleared it out then tried sending a mail to it through mail on the command line, it failed. I then cleared it and mailed it from Gmail and it still failed, slightly different error this time:

# php /var/www/fiercephish/artisan fp:checkmail
Starting email fetch.
Running
Found 0 emails!
PHP Fatal error:  Uncaught ErrorException: Unknown: SECURITY PROBLEM: insecure server advertised AUTH=PLAIN (errflg=1) in Unknown:0
Stack trace:
#0 [internal function]: Illuminate\Foundation\Bootstrap\HandleExceptions->handleError(8, 'Unknown: SECURI...', 'Unknown', 0, NULL)
#1 {main}
  thrown in Unknown on line 0
Segmentation fault (core dumped)

There are now two mails in the mail spool, both have the Message-ID field.

Raikia commented 6 years ago

Interesting.........that never used to be a fatal error. I wonder if php's imap module updated and now made that from a warning to a fatal error.

Great...

I'll do some research into it and figure it out. Sorry!

digininja commented 6 years ago

no problem, happy to keep retesting things, just tell me what you need

On Tue, 19 Jun 2018 at 16:54 Chris King notifications@github.com wrote:

Interesting.........that never used to be a fatal error. I wonder if php's imap module updated and now made that from a warning to a fatal error.

Great...

I'll do some research into it and figure it out. Sorry!

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Raikia/FiercePhish/issues/68#issuecomment-398450460, or mute the thread https://github.com/notifications/unsubscribe-auth/AAHJWYCeHvAShLHgqQhafFXqzoTTUkcJks5t-R61gaJpZM4UtuNH .

wilsonfisk77 commented 5 years ago

Any update plz im facing the same issue.