mirror of https://github.com/gophish/gophish
Adding checkboxes to handle capturing credentials and passwords
Jordan Wright
parent
4fadcc1ee5
commit
bbe0163366
|
|
@ -455,3 +455,6 @@ td.details-control{
|
||||||
.tooltip-inner {
|
.tooltip-inner {
|
||||||
width:300px !important;
|
width:300px !important;
|
||||||
}
|
}
|
||||||
|
#capture_passwords {
|
||||||
|
display:none;
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -9,7 +9,20 @@ var pages = []
|
||||||
function save(idx) {
|
function save(idx) {
|
||||||
var page = {}
|
var page = {}
|
||||||
page.name = $("#name").val()
|
page.name = $("#name").val()
|
||||||
page.html = CKEDITOR.instances["html_editor"].getData();
|
editor = CKEDITOR.instances["html_editor"]
|
||||||
|
html = editor.getData();
|
||||||
|
ck_dom = $(html)
|
||||||
|
// Handle capturing credentials
|
||||||
|
if ($("#capture_credentials_checkbox").prop("checked")) {
|
||||||
|
ck_dom.find("form").attr("action", "")
|
||||||
|
if (!$("#capture_passwords_checkbox").prop("checked")) {
|
||||||
|
// Remove the name so the credential isn't submitted
|
||||||
|
ck_dom.find("input[type='password']").removeAttr("name")
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
ck_dom.find("form").attr("action", "#")
|
||||||
|
}
|
||||||
|
page.html = editor.getData();
|
||||||
if (idx != -1) {
|
if (idx != -1) {
|
||||||
page.id = pages[idx].id
|
page.id = pages[idx].id
|
||||||
api.pageId.put(page)
|
api.pageId.put(page)
|
||||||
|
|
@ -163,5 +176,8 @@ $(document).ready(function() {
|
||||||
}
|
}
|
||||||
}, this));
|
}, this));
|
||||||
};
|
};
|
||||||
|
$("#capture_credentials_checkbox").change(function(){
|
||||||
|
$("#capture_passwords").toggle()
|
||||||
|
})
|
||||||
load()
|
load()
|
||||||
})
|
})
|
||||||
|
|
|
||||||
|
|
@ -80,6 +80,17 @@
|
||||||
<textarea id="html_editor"></textarea>
|
<textarea id="html_editor"></textarea>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
<div class="checkbox checkbox-primary">
|
||||||
|
<input id="capture_credentials_checkbox" type="checkbox">
|
||||||
|
<label for="capture_credentials_checkbox">Capture Submitted Data <i class="fa fa-question-circle" data-toggle="tooltip" data-placement="right" title="If the landing page contains a form, submitted input (except passwords!) will be captured."></i></label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox checkbox-primary" id="capture_passwords">
|
||||||
|
<input id="capture_passwords_checkbox" type="checkbox">
|
||||||
|
<label for="capture_passwords_checkbox">Capture Passwords</label>
|
||||||
|
<div class="alert alert-warning">
|
||||||
|
<i class="fa fa-exclamation-circle"></i> <b>Warning:</b> Credentials are currently <b>not encrypted</b>. This means that captured passwords are stored in the database as cleartext. Be careful with this!
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="modal-footer">
|
<div class="modal-footer">
|
||||||
<button type="button" data-dismiss="modal" class="btn btn-default" onclick="dismiss()">Cancel</button>
|
<button type="button" data-dismiss="modal" class="btn btn-default" onclick="dismiss()">Cancel</button>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue