crash.software
Projects
Pull Requests
Issues
Builds
gophish
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY gophish Commits 2d08befb
🤬
  • ■ ■ ■ ■
    models/maillog_test.go
    skipped 283 lines
    284 284   smtp := SMTP{
    285 285   Name: "Test SMTP",
    286 286   Host: "1.1.1.1:25",
    287  - FromAddress: "Foo Bar <[email protected]>",
     287 + FromAddress: "[email protected]",
    288 288   UserId: 1,
    289 289   Headers: []Header{
    290 290   Header{Key: "X-Gophish-Contact", Value: ""},
    skipped 180 lines
  • ■ ■ ■ ■ ■ ■
    models/smtp.go
    skipped 4 lines
    5 5   "errors"
    6 6   "net/mail"
    7 7   "os"
     8 + "regexp"
    8 9   "strconv"
    9 10   "strings"
    10 11   "time"
    skipped 46 lines
    57 58  // specified in the SMTP configuration
    58 59  var ErrFromAddressNotSpecified = errors.New("No From Address specified")
    59 60   
     61 +// ErrInvalidFromAddress is thrown when the SMTP From field in the sending
     62 +// profiles containes a value that is not an email address
     63 +var ErrInvalidFromAddress = errors.New("Invalid SMTP From address because it is not an email address")
     64 + 
    60 65  // ErrHostNotSpecified is thrown when there is no Host specified
    61 66  // in the SMTP configuration
    62 67  var ErrHostNotSpecified = errors.New("No SMTP Host specified")
    skipped 13 lines
    76 81   return ErrFromAddressNotSpecified
    77 82   case s.Host == "":
    78 83   return ErrHostNotSpecified
     84 + case !validateFromAddress(s.FromAddress):
     85 + return ErrInvalidFromAddress
    79 86   }
    80 87   _, err := mail.ParseAddress(s.FromAddress)
    81 88   if err != nil {
    skipped 11 lines
    93 100   return ErrInvalidHost
    94 101   }
    95 102   return err
     103 +}
     104 + 
     105 +// validateFromAddress validates
     106 +func validateFromAddress(email string) bool {
     107 + r, _ := regexp.Compile("^([a-zA-Z0-9_\\-\\.]+)@([a-zA-Z0-9_\\-\\.]+)\\.([a-zA-Z]{2,5})$")
     108 + return r.MatchString(email)
    96 109  }
    97 110   
    98 111  // GetDialer returns a dialer for the given SMTP profile
    skipped 148 lines
  • ■ ■ ■ ■ ■
    models/smtp_test.go
    skipped 11 lines
    12 12   smtp := SMTP{
    13 13   Name: "Test SMTP",
    14 14   Host: "1.1.1.1:25",
    15  - FromAddress: "Foo Bar <[email protected]>",
     15 + FromAddress: "[email protected]",
    16 16   UserId: 1,
    17 17   }
    18 18   err := PostSMTP(&smtp)
    skipped 6 lines
    25 25  func (s *ModelsSuite) TestPostSMTPNoHost(c *check.C) {
    26 26   smtp := SMTP{
    27 27   Name: "Test SMTP",
    28  - FromAddress: "Foo Bar <[email protected]>",
     28 + FromAddress: "[email protected]",
    29 29   UserId: 1,
    30 30   }
    31 31   err := PostSMTP(&smtp)
    skipped 10 lines
    42 42   c.Assert(err, check.Equals, ErrFromAddressNotSpecified)
    43 43  }
    44 44   
    45  -func (s *ModelsSuite) TestPostSMTPValidHeader(c *check.C) {
     45 +func (s *ModelsSuite) TestPostInvalidFrom(c *check.C) {
    46 46   smtp := SMTP{
    47 47   Name: "Test SMTP",
    48 48   Host: "1.1.1.1:25",
    49 49   FromAddress: "Foo Bar <[email protected]>",
     50 + UserId: 1,
     51 + }
     52 + err := PostSMTP(&smtp)
     53 + c.Assert(err, check.Equals, ErrInvalidFromAddress)
     54 +}
     55 + 
     56 +func (s *ModelsSuite) TestPostInvalidFromEmail(c *check.C) {
     57 + smtp := SMTP{
     58 + Name: "Test SMTP",
     59 + Host: "1.1.1.1:25",
     60 + FromAddress: "example.com",
     61 + UserId: 1,
     62 + }
     63 + err := PostSMTP(&smtp)
     64 + c.Assert(err, check.Equals, ErrInvalidFromAddress)
     65 +}
     66 + 
     67 +func (s *ModelsSuite) TestPostSMTPValidHeader(c *check.C) {
     68 + smtp := SMTP{
     69 + Name: "Test SMTP",
     70 + Host: "1.1.1.1:25",
     71 + FromAddress: "[email protected]",
    50 72   UserId: 1,
    51 73   Headers: []Header{
    52 74   Header{Key: "Reply-To", Value: "[email protected]"},
    skipped 44 lines
  • ■ ■ ■ ■
    templates/sending_profiles.html
    skipped 51 lines
    52 52   <input type="text" class="form-control" value="SMTP" id="interface_type" disabled />
    53 53   <label class="control-label" for="from">SMTP From: <i class="fa fa-question-circle"
    54 54   data-toggle="tooltip" data-placement="right" title="Set this to an email address from your sending domain to bypass SPF-checks. You can set the Envelope Sender in Email Templates. The Envelope Sender is shown to the user."></i></label>
    55  - <input type="text" class="form-control" placeholder="First Last <[email protected]>" id="from"
     55 + <input type="text" class="form-control" placeholder="[email protected]" id="from"
    56 56   required />
    57 57   <label class="control-label" for="host">Host:</label>
    58 58   <input type="text" class="form-control" placeholder="smtp.example.com:25" id="host" required />
    skipped 87 lines
Please wait...
Page is in error, reload to recover