Automated Phishing Email Tool

I’m working on a script that will coordinate with ShellPhish to spin up a an ngrok instance, then connect to an MX server of the users choosing and send an HTML email using netcat.

 

I have built some templates for the phishing emails and such, but for the script, I can’t figure out how to get bash to reply to the MX servers prompts. I need something similar to “IF serverresponse = ‘220’ then echo “HELO $spoofdomain” “.

 

What’s the best practice for having a bash script “read” the response and respond intelligently to it? I’ve been looking at the expect program.

 

Edit: Have received the following advice, use exec 10<> /dev/tcp/mx.mailserver.com/25 to open a port and work the script off of this. Trying to understand the appropriate syntax here. Any help or POC is appreciated.

Leave a Reply