2013-12-03 04:56:55 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
/*
|
|
|
|
gophish - Open-Source Phishing Framework
|
|
|
|
|
|
|
|
The MIT License (MIT)
|
|
|
|
|
|
|
|
Copyright (c) 2013 Jordan Wright
|
|
|
|
|
|
|
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
|
|
of this software and associated documentation files (the "Software"), to deal
|
|
|
|
in the Software without restriction, including without limitation the rights
|
|
|
|
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
|
|
copies of the Software, and to permit persons to whom the Software is
|
|
|
|
furnished to do so, subject to the following conditions:
|
|
|
|
|
|
|
|
The above copyright notice and this permission notice shall be included in
|
|
|
|
all copies or substantial portions of the Software.
|
|
|
|
|
|
|
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
|
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
|
|
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
|
|
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
|
|
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
|
|
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
|
|
THE SOFTWARE.
|
|
|
|
*/
|
2013-12-06 23:39:40 +00:00
|
|
|
import (
|
2016-12-02 23:47:49 +00:00
|
|
|
"compress/gzip"
|
2013-12-06 23:39:40 +00:00
|
|
|
"fmt"
|
2014-07-24 02:04:38 +00:00
|
|
|
"log"
|
2013-12-03 04:56:55 +00:00
|
|
|
"net/http"
|
2014-05-27 01:29:12 +00:00
|
|
|
"os"
|
2016-01-15 04:46:43 +00:00
|
|
|
"sync"
|
2014-01-09 06:42:05 +00:00
|
|
|
|
2017-06-09 05:14:03 +00:00
|
|
|
"gopkg.in/alecthomas/kingpin.v2"
|
|
|
|
|
2016-08-17 01:20:11 +00:00
|
|
|
"github.com/NYTimes/gziphandler"
|
2016-09-15 04:52:58 +00:00
|
|
|
"github.com/gophish/gophish/auth"
|
2016-01-10 17:03:17 +00:00
|
|
|
"github.com/gophish/gophish/config"
|
|
|
|
"github.com/gophish/gophish/controllers"
|
|
|
|
"github.com/gophish/gophish/models"
|
2016-11-19 18:04:10 +00:00
|
|
|
"github.com/gophish/gophish/util"
|
2016-01-15 04:46:43 +00:00
|
|
|
"github.com/gorilla/handlers"
|
2013-12-03 04:56:55 +00:00
|
|
|
)
|
|
|
|
|
2017-06-09 05:14:03 +00:00
|
|
|
var (
|
|
|
|
Logger = log.New(os.Stdout, " ", log.Ldate|log.Ltime|log.Lshortfile)
|
|
|
|
|
|
|
|
configPath = kingpin.Flag("config", "Location of config.json.").Default("./config.json").String()
|
|
|
|
)
|
2014-07-24 02:04:38 +00:00
|
|
|
|
2013-12-03 04:56:55 +00:00
|
|
|
func main() {
|
2017-06-09 05:14:03 +00:00
|
|
|
// Parse the CLI flags and load the config
|
|
|
|
kingpin.Parse()
|
|
|
|
config.LoadConfig(*configPath)
|
2014-06-29 21:44:16 +00:00
|
|
|
// Setup the global variables and settings
|
2014-03-25 03:38:59 +00:00
|
|
|
err := models.Setup()
|
|
|
|
if err != nil {
|
2014-01-06 06:09:41 +00:00
|
|
|
fmt.Println(err)
|
2014-03-25 03:38:59 +00:00
|
|
|
}
|
2016-01-15 04:46:43 +00:00
|
|
|
wg := &sync.WaitGroup{}
|
|
|
|
wg.Add(1)
|
2014-06-29 21:44:16 +00:00
|
|
|
// Start the web servers
|
2016-01-15 04:46:43 +00:00
|
|
|
go func() {
|
|
|
|
defer wg.Done()
|
2016-12-02 23:47:49 +00:00
|
|
|
gzipWrapper, _ := gziphandler.NewGzipLevelHandler(gzip.BestCompression)
|
|
|
|
adminHandler := gzipWrapper(controllers.CreateAdminRouter())
|
2016-09-15 04:52:58 +00:00
|
|
|
auth.Store.Options.Secure = config.Conf.AdminConf.UseTLS
|
2016-01-17 16:45:13 +00:00
|
|
|
if config.Conf.AdminConf.UseTLS { // use TLS for Admin web server if available
|
2016-11-19 18:04:10 +00:00
|
|
|
err := util.CheckAndCreateSSL(config.Conf.AdminConf.CertPath, config.Conf.AdminConf.KeyPath)
|
|
|
|
if err != nil {
|
|
|
|
Logger.Fatal(err)
|
|
|
|
}
|
2016-01-17 16:45:13 +00:00
|
|
|
Logger.Printf("Starting admin server at https://%s\n", config.Conf.AdminConf.ListenURL)
|
|
|
|
Logger.Fatal(http.ListenAndServeTLS(config.Conf.AdminConf.ListenURL, config.Conf.AdminConf.CertPath, config.Conf.AdminConf.KeyPath,
|
2016-08-17 01:20:11 +00:00
|
|
|
handlers.CombinedLoggingHandler(os.Stdout, adminHandler)))
|
2016-01-17 16:45:13 +00:00
|
|
|
} else {
|
|
|
|
Logger.Printf("Starting admin server at http://%s\n", config.Conf.AdminConf.ListenURL)
|
2016-08-17 01:20:11 +00:00
|
|
|
Logger.Fatal(http.ListenAndServe(config.Conf.AdminConf.ListenURL, handlers.CombinedLoggingHandler(os.Stdout, adminHandler)))
|
2016-01-17 16:45:13 +00:00
|
|
|
}
|
2016-01-15 04:46:43 +00:00
|
|
|
}()
|
|
|
|
wg.Add(1)
|
|
|
|
go func() {
|
|
|
|
defer wg.Done()
|
2016-08-17 01:20:11 +00:00
|
|
|
phishHandler := gziphandler.GzipHandler(controllers.CreatePhishingRouter())
|
2016-01-17 16:45:13 +00:00
|
|
|
if config.Conf.PhishConf.UseTLS { // use TLS for Phish web server if available
|
|
|
|
Logger.Printf("Starting phishing server at https://%s\n", config.Conf.PhishConf.ListenURL)
|
|
|
|
Logger.Fatal(http.ListenAndServeTLS(config.Conf.PhishConf.ListenURL, config.Conf.PhishConf.CertPath, config.Conf.PhishConf.KeyPath,
|
2016-08-17 01:20:11 +00:00
|
|
|
handlers.CombinedLoggingHandler(os.Stdout, phishHandler)))
|
2016-01-17 16:45:13 +00:00
|
|
|
} else {
|
|
|
|
Logger.Printf("Starting phishing server at http://%s\n", config.Conf.PhishConf.ListenURL)
|
2016-08-17 01:20:11 +00:00
|
|
|
Logger.Fatal(http.ListenAndServe(config.Conf.PhishConf.ListenURL, handlers.CombinedLoggingHandler(os.Stdout, phishHandler)))
|
2016-01-17 16:45:13 +00:00
|
|
|
}
|
2016-01-15 04:46:43 +00:00
|
|
|
}()
|
|
|
|
wg.Wait()
|
2013-12-06 23:39:40 +00:00
|
|
|
}
|