fmunozs/mailclient.py

## mailclient.py
#!/usr/bin/python
# -*- coding: utf-8 -*-

# simple script to open all urls found in a new email
# useful to automate client side exploits on a pentesting lab
# author: fmunozs http://github.com/fmunozs

import os
import sys
import imaplib
import email
import subprocess
import re

# CHANGE HERE :)
MAIL = 'MAIL@gmail.com'
PASS = 'password!!'

def openurl(url):
    if sys.platform == 'win32':
        os.startfile(url)
    else:
        try:
            subprocess.Popen(['xdg-open', url])
        except OSError:
            print 'unable to open ' + url


M = imaplib.IMAP4_SSL('imap.gmail.com')

try:
    M.login(MAIL, PASS)
except imaplib.IMAP4.error:
    print 'Login failed'
    exit()

M.select('Inbox')
(r, m) = M.search(None, '(UNSEEN)')
if r != 'OK':
    print 'Error checking unseen messages'
    exit()

urllist = []

for n in m[0].split(' '):
    if n == '':
        print 'Nothing new to check'
        break

    (r, data) = M.fetch(n, '(RFC822)')
    if r != 'OK':
        continue
    msg = email.message_from_string(data[0][1])
    msg_content = ''
    if msg.is_multipart():
        for part in msg.walk():
            if part.get_content_type() == "text/plain":
                # on multipart messages, parse only text/plain
                msg_content = part.get_payload(decode=True)
                break
            else:
                continue
    else:
        msg_content = msg.get_payload()

    #extract links that start with protocol handler http/https
    r = re.findall("(https?://[^\s]+)", msg_content)
    if r is not None:
        urllist.extend(r)

#open uniq links
for i in set(urllist):
    openurl(i)

M.close()
M.logout()
	#!/usr/bin/python
	# -- coding: utf-8 --

	# simple script to open all urls found in a new email
	# useful to automate client side exploits on a pentesting lab
	# author: fmunozs http://github.com/fmunozs

	import os
	import sys
	import imaplib
	import email
	import subprocess
	import re

	# CHANGE HERE :)
	MAIL = 'MAIL@gmail.com'
	PASS = 'password!!'

	def openurl(url):
	if sys.platform == 'win32':
	os.startfile(url)
	else:
	try:
	subprocess.Popen(['xdg-open', url])
	except OSError:
	print 'unable to open ' + url


	M = imaplib.IMAP4_SSL('imap.gmail.com')

	try:
	M.login(MAIL, PASS)
	except imaplib.IMAP4.error:
	print 'Login failed'
	exit()

	M.select('Inbox')
	(r, m) = M.search(None, '(UNSEEN)')
	if r != 'OK':
	print 'Error checking unseen messages'
	exit()

	urllist = []

	for n in m[0].split(' '):
	if n == '':
	print 'Nothing new to check'
	break

	(r, data) = M.fetch(n, '(RFC822)')
	if r != 'OK':
	continue
	msg = email.message_from_string(data[0][1])
	msg_content = ''
	if msg.is_multipart():
	for part in msg.walk():
	if part.get_content_type() == "text/plain":
	# on multipart messages, parse only text/plain
	msg_content = part.get_payload(decode=True)
	break
	else:
	continue
	else:
	msg_content = msg.get_payload()

	#extract links that start with protocol handler http/https
	r = re.findall("(https?://[^\s]+)", msg_content)
	if r is not None:
	urllist.extend(r)

	#open uniq links
	for i in set(urllist):
	openurl(i)

	M.close()
	M.logout()