Commit Graph

333 Commits (06e95c1fb8b7cf0aaf5e33057441790df59f144f)

Author SHA1 Message Date
s vignesh bfb7fd11e8 Fixing XSS Vulnerabilities
This pull request fixed XSS vulnerabilities identified in the gophish admin panel.

**Important: These vulnerabilities could only be exploited if someone had access to the admin panel already, and could only exploit the vulnerability against the same account.**
2016-09-15 00:52:58 -04:00
Jordan Wright b7a2af338b Fixing template tracking. Fixes #361 2016-09-14 23:41:53 -05:00
Jordan Wright bccf7f2fd2 Fixing issue where AM/PM are not handled correctly in campaign scheduling 2016-08-16 19:27:01 -05:00
Jordan Wright ac62f33e80 Now capturing IP and User Agent information in event logs. Fixes #280 2016-08-08 18:28:19 -05:00
Jordan Wright 576aa469e9 Adding the ability to replay credentials from the campaign results page 2016-08-06 18:06:18 -05:00
Jordan Wright 528418f16d Removing more unnecessary CKEditor sample files 2016-08-02 23:36:13 -05:00
Jordan Wright e746a86816 Implementing new alert dialogs. 2016-07-11 23:31:11 -05:00
Jordan Wright 737acbdb4e Remove unnecessary CKEditor samples 2016-07-11 22:21:01 -05:00
Jordan Wright 1dbf061d87 Implement the ability to complete a campaign. Fixes #290.
First implementation of new alert format.
2016-07-11 22:11:40 -05:00
Rob Cutmore f88e68077e Add/update table when adding targets via CSV too 2016-07-09 16:15:47 -04:00
Rob Cutmore 21c55c579c Add/update group target as needed
When user submits a new target, target data table is checked for an
existing entry based on target email. If an existing entry is found
then it is updated, otherwise a new row is added to table. Target
email addresses are now converted to lower case to help prevent
duplicates as well.
2016-07-09 15:46:06 -04:00
Rob Cutmore 3996a702fe Clean up formatting of targets modal events 2016-07-09 09:06:30 -04:00
Rob Cutmore 00d1994671 Remove groups from campaign copy (Fixes #295)
An error was being raised when trying to copy groups for a campaign
because the individual targets for a campaign are tracked, not the
groups.
2016-06-13 06:17:11 -04:00
Rob Cutmore aa8f80c694 Add selected group hint in campaign modal 2016-06-11 12:30:26 -04:00
Rob Cutmore 5ca7744270 Fix indentation for group form submit 2016-06-09 08:14:26 -04:00
Rob Cutmore 9ec4dbe917 Fix campaign group removal (fixes #249)
Every time a group was added, the event handler for removing group was
set for all rows in group table. This change ensures the event handler
is only set for the newly added group.
2016-06-09 08:11:51 -04:00
Jordan Wright c5d6792bba Added /campaigns/:id/results endpoint to return campaign summary and make results page much quicker.
Fixes 282.
2016-06-07 22:31:55 -05:00
Jordan Wright 3d5b330c61 Merge branch 'master' of github.com:gophish/gophish 2016-06-07 21:42:31 -05:00
Jordan Wright 082023aae0 Adding the ability to schedule campaigns. Fixes #21 2016-06-07 21:42:09 -05:00
Rob Cutmore 80c799e0cc Clear input after adding group to campaign 2016-06-05 18:00:52 -04:00
Jordan Wright 1933eb7ff1 Adding better error handling for SMTP server
JSBeautify sending_profiles.js
2016-05-30 14:53:32 -05:00
Jordan Wright 8211116375 Fixing some minor xss issues - Fixes #272 2016-05-25 18:35:47 -05:00
Jordan Wright 83a17e8c2d Added early catching of invalid template values. Fixes #193 2016-04-02 18:33:25 -05:00
Jordan Wright 49b0646454 Fixed static file handling on phishing server + documentation. Fixes #164 2016-03-23 14:11:47 -05:00
Jordan Wright 9322d70fce Starting to fix some validation issues. 2016-03-21 19:30:43 -05:00
Jordan Wright 16b225b189 Fixed issue where it will now stay on same page after ajax update 2016-03-19 20:51:42 -05:00
Jordan Wright b10c4b3d3a Now returning valid tracking image. Fixes #202 2016-03-18 23:35:07 -05:00
Jordan Wright 52b9eda3b2 Added support for redirect URL's after creds are submitted. Fixes #210 2016-03-18 20:19:13 -05:00
Jordan Wright cfba48a824 Added the ability to convert links on email import to point to the landing page. Fixes #201 2016-03-10 20:35:33 -06:00
Jordan Wright 9d5f8d640f Improved page titles - Fixes #198 2016-03-09 18:17:46 -06:00
Jordan Wright 095da00a05 Merge branch 'master' of github.com:gophish/gophish 2016-03-08 21:37:40 -06:00
Jordan Wright 1062d1b3b8 Adding colors for the timeline 2016-03-08 21:37:30 -06:00
Rob Cutmore 7130b7a249 Fix issue when tabbing to file input button
Previously when tabbing to a file input button the button text would
disappear. This ensures text remains viewable when tabbing to button.
2016-03-07 06:08:43 -05:00
Justin Gray a3b89472e0 Added hotfix for issues, closes #187. There could be a better way to do this. 2016-03-02 22:52:29 -06:00
Rob Cutmore e39ae8dfdd Confirm password on registration or change
Updated to confirm password when registering user or changing a
user's password.

Fixes #180
2016-03-02 08:33:27 -05:00
Jordan Wright 9485ea2ecd Removing unneeded bootstrap backup file. 2016-02-29 21:44:52 -06:00
Jordan Wright f3a3a6e79a Fixed trimmed logo on mobile devices. Fixes #82 2016-02-29 21:40:36 -06:00
Jordan Wright 76962749b1 Moved "Add Tracking Image" changes to the copy() function 2016-02-29 21:30:20 -06:00
Jordan Wright 78f378fc28 Added better handling of the "Include Tracking Image" option 2016-02-29 21:20:46 -06:00
Jordan Wright 8a3f990d1f Updated User Guide 2016-02-28 23:22:27 -06:00
Jordan Wright 6b61b24f68 Merge branch 'master' into 78-store-smtp-settings
# Conflicts:
#	models/models_test.go
#	static/js/app/landing_pages.js
2016-02-28 22:08:39 -06:00
William Woodson 7d52c8a7ab Update campaign copy function to work with saved SMTP data 2016-02-27 21:13:35 -06:00
William Woodson cc241ea67e Merge remote-tracking branch 'origin/160-clone-campaigns' into 78-store-smtp-settings 2016-02-27 20:08:02 -06:00
William Woodson f1d1d6838b Updated js on sending_profiles page to work with updated /util/send_test_email 2016-02-27 08:34:33 -06:00
Jordan Wright 4810222404 Merge branch '124-capture-passwords' 2016-02-25 20:04:48 -06:00
Jordan Wright b0dd96d088 Merge branch 'master' into 124-capture-passwords 2016-02-25 20:02:15 -06:00
Jordan Wright 44fa8127fc Adding the ability to capture submitted data via the UI. Fixes #124 2016-02-25 19:58:49 -06:00
Jordan Wright 89ae56fb94 Merge pull request #174 from gophish/148-polling
Implemented Polling for Campaign Updates
2016-02-24 21:26:32 -06:00
Jordan Wright 79627d5579 Fixed caret not being saved.
Added realtime updates to timeline
2016-02-24 17:48:54 -06:00
Jordan Wright 0c72e8b69a Added updating of datamaps with new bubbles 2016-02-23 18:50:07 -06:00
Jordan Wright 95fb02bade Cleaning up some logic on updating the email chart legend. 2016-02-23 11:51:43 -06:00
Jordan Wright 53e5508bca Upgrading Datatables 2016-02-22 22:40:33 -06:00
William Woodson ffb14b7927 Created default email template and landing page passed for _send_test_email_ in sending profile page 2016-02-22 22:27:23 -06:00
William Woodson a3376a702f Working on send test email in sending_profiles page 2016-02-22 06:25:29 -06:00
William Woodson a2ee229848 More cleaning up artifacts in modals on edit/copy/new for #143 2016-02-22 05:57:03 -06:00
Jordan Wright f7b63adfbb Added basic polling updates for the charts. Made the call to get campaign results be async. 2016-02-21 20:55:27 -06:00
William Woodson 9c7adb9941 Cleaning up artifacts in modals on edit/copy/new for #143 2016-02-21 17:00:37 -06:00
William Woodson b2eafd07c3 Updated new campaigns modal, send test email modal, and js to use sending profile 2016-02-21 12:04:17 -06:00
William Woodson 3d8126e981 Started frontend work for sending test email from sending_profiles page. This will need to wait for rewrite of /util/send_test_email to send with default template, etc. 2016-02-21 10:40:26 -06:00
William Woodson 2d503ff215 Added Sending Profiles page and sending_profiles.js for interacting with /smtp/ API endpoint 2016-02-21 09:44:36 -06:00
William Woodson 1dd1851ce7 Added functions for handling SMTP objects to gophish.js API client 2016-02-20 21:24:28 -06:00
William Woodson 828e42bc3b Created routes, template, js for sending_profiles page 2016-02-20 17:24:08 -06:00
William Woodson 225c457a9c Added current version of user guide to local content. This should be kept in sync with features of the local gophish version 2016-02-20 17:23:58 -06:00
Jordan Wright 77e38b6c72 Added datatables sorting for dashboard campaigns. Fixes #166. Also formatting fixes. 2016-02-18 18:42:00 -06:00
Jordan Wright a00eaf2096 Initial copy function - need to handle #78 before this will be fully functional 2016-02-17 20:47:16 -06:00
Jordan Wright 81f4e1e097 Added ability to copy templates. Fixes #156 2016-02-15 20:41:07 -06:00
Jordan Wright b51cea7a57 Added the ability to copy landing pages 2016-02-15 20:03:27 -06:00
Jordan Wright 913f444598 Fixing results download in Firefox. Fixes #153 2016-02-15 12:18:21 -06:00
Jordan Wright bbe0163366 Adding checkboxes to handle capturing credentials and passwords 2016-02-13 16:11:45 -06:00
Jordan Wright b9995456c2 A few style tweaks 2016-02-12 21:26:01 -06:00
Jordan Wright 12975bf0c3 Adding the JS to handle submitting the "ignore cert errors" with a campaign.
Adding JS to handle showing errors on email submissions
2016-02-12 21:25:49 -06:00
Jordan Wright c436bdb514 Added UI checkbox... working on sendmail function 2016-02-09 22:08:41 -06:00
Jordan Wright a0a8a7b8ad Merge pull request #123 from gophish/61-record-browser-post
Capture Credentials Sent via POST
2016-02-02 22:54:42 -06:00
Jordan Wright 99da20abc0 Added table for displaying submitted data. 2016-02-02 22:49:30 -06:00
Jordan Wright 528d8525b1 Added basic table to display results - last step is the JS to dynamically show it. 2016-02-01 21:53:00 -06:00
Jordan Wright ce8a9e5456 Changed status of new targets to "Sending" instead of "Unknown". Fixes #112 2016-02-01 20:42:46 -06:00
Jordan Wright 94e43fe557 Initial commit - adding db migration as well as the logic to add the payload 2016-01-31 19:50:41 -06:00
Jordan Wright d714635e69 Added ability to export raw events. Fixes #102 2016-01-29 13:18:06 -06:00
Jordan Wright 17e81e6caa Added event on sending email error. Fixes #99 2016-01-29 12:34:29 -06:00
Jordan Wright 7854d8e96d Finishing up first release of timeline format 2016-01-29 09:55:49 -06:00
Jordan Wright 741adfa2e3 Upgrading Font-Awesome to 4.5. Closes #101 2016-01-29 09:36:25 -06:00
Jordan Wright dbc407676e Adding initial structure of timeline 2016-01-29 08:31:58 -06:00
Jordan Wright 42efd1f321 Changed Exclamation Mark to Check Mark 2016-01-24 20:07:46 -06:00
Jordan Wright e4d6e68147 Added ability to send a test email before launching a campaign 2016-01-24 20:03:53 -06:00
Jordan Wright 33947086b3 Added async option to the API to address async/synch requests until I can migrate all to async 2016-01-24 19:48:15 -06:00
Jordan Wright cf4565caf6 Changing label font to be Roboto 2016-01-21 00:00:41 -06:00
Jordan Wright 080b3a6c27 Merge branch 'table-style' of https://github.com/StrangeUSB/gophish into StrangeUSB-table-style
# Conflicts:
#	static/js/app/campaigns.js
#	static/js/app/dashboard.js
#	static/js/app/landing_pages.js
#	static/js/app/templates.js
#	static/js/app/users.js
2016-01-20 21:53:12 -06:00
Justin Gray 964ce6f152 Fixed Double Instantiation
When a modal was closed and the data was loaded again it tried to
instantiate the table again, so always destroy the table on load.
2016-01-20 20:35:51 -06:00
Justin Gray 0bdc4a751d Remove unnecessary code
Removed check and just always destroy and rebuild datatables.
2016-01-20 20:33:59 -06:00
Justin Gray 22c2f659e8 Fixed the attachments table
Fixed the sorting on the attachments table, there could be opportunity
to clean this up a little.
2016-01-20 19:42:41 -06:00
Jordan Wright 92e3d2a4fd Merge pull request #86 from gophish/81-campaign-launch-button
Changed button on campaign to say "Launch Campaign". Fixes #81
2016-01-20 19:04:35 -06:00
Jordan Wright 52e5c60511 Changed button on campaign to say "Launch Campaign" - minor formatting fixes. 2016-01-20 19:00:32 -06:00
Jordan Wright 655faaf72b Added ability to export as CSV. Fixes #34 2016-01-20 18:45:53 -06:00
Jordan Wright 1b5fb638ea Fixed new campaign redirect 2016-01-18 11:53:27 -06:00
Jordan Wright ac368e1046 Fixing tooltips on campaign results table 2016-01-17 22:20:38 -06:00
Justin Gray b9fd654f8a Added no-sort options to tables
Added a no-sort class to column headers where sorting doesn’t make
sense.  Still have the attachments table in the templates page to do,
there was something strange happening.
2016-01-17 15:27:11 -06:00
Justin Gray 2ff2cbd1ca Changed Sortable Icon Color
Changed the color of the sortable icon back to the initial color.  Adds
a little more contrast to the enabled icon.
2016-01-17 14:37:18 -06:00
William Woodson fa5a5c65af fix dumb things in last commit 2016-01-17 13:25:13 -06:00
William Woodson e6a9848c20 UI fixes to dashboard, campaign, and campaign_result views. fixes #76 2016-01-17 13:21:06 -06:00
Justin Gray 84d21ab655 Sample Table Style
Changed the style of the add/manage users table.
2016-01-17 01:31:46 -06:00
Jordan Wright 3ae09be989 Final fix for campaign deletion 2016-01-16 23:50:32 -06:00
Jordan Wright cff666119e Added ability to delete campaign. Fixes #72 2016-01-16 23:50:11 -06:00
Jordan Wright 2dda83814c Formatting Javascript using js-beautifier 2016-01-16 22:59:40 -06:00
Jordan Wright 65005a2805 Moved modal closing to hide.bs.modal - Fixes #71 2016-01-16 19:24:13 -06:00
Jordan Wright a6748a7d5f Added "Add Tracking Image" checkbox to template modal 2016-01-13 22:42:16 -06:00
Jordan Wright 7c9e5195f5 Fixed inverted tooltip toggle issue 2016-01-13 22:41:39 -06:00
Jordan Wright e29e3335c5 Fix CSS Navbar Bug to Collapse Sooner 2016-01-13 21:06:29 -06:00
Jordan Wright 3316468cb3 Changed color to #283F50. Fixes #52 2016-01-06 20:44:30 -06:00
Jordan Wright c6cd018536 Added IP, Lat and Lon to models.Result. Closes #47
Added basic mapping on campaign results. Closes #51
2016-01-04 00:04:10 -06:00
Jordan Wright 72f6387b3b Fixed date format on dashboard for consistency 2015-12-31 11:05:00 -06:00
Jordan Wright 04a942298d Small UI fix to remove loading icon on campaign 404. 2015-12-26 22:00:18 -06:00
Jordan Wright 2c70a6a9d6 Changed styling of API Docs 2015-12-26 21:35:09 -06:00
Jordan Wright 594aef49a5 First draft of moving api docs to aglio - WIP 2015-12-25 22:09:32 -06:00
Jordan Wright 8141393480 Fixed page editing. Fixes #44 2015-10-23 18:35:42 -05:00
Jordan Wright 01c3da611b PhishHandler now loads landing page content. Fixes #37
Now supports autocomplete for modal typeahead. Fixes #40
Users can now specify landing pages in campaigns. Fixes #39
Implemented "Email Opened" status. Fixes #38
2015-10-22 22:29:10 -05:00
Jordan Wright b574fb2741 Implemented campaign.URL. Fixed #32
Implemented {{.From}}. Fixed #36
2015-10-22 19:54:01 -05:00
Jordan Wright b4a73ae5c7 Fixed datetime sorting
Fixes #30
2015-10-03 13:32:09 -05:00
Jordan Wright 3bbd6b7ca1 Fixing labels on dashboard
Added "Emails Sent" campaign status
2015-09-27 22:25:38 -05:00
Jordan Wright 6acbac26f5 Changing primary font from "Lato" to "Source Sans Pro/Roboto" 2015-09-25 19:49:40 -05:00
Jordan Wright c9f5a753c8 Removing dead code 2015-09-25 18:06:38 -05:00
Jordan Wright e783017280 Added typeahead for templates and fixed groups not being submitted
I fixed the typeahead for templates. This should allow for campaigns to finally be sent successfully.
2015-09-15 22:57:47 -05:00
Jordan Wright 9a13eef518 Tweaked Modal Fading Interaction (Open/Close actions) 2015-09-15 20:39:33 -05:00
Jordan Wright b45a72618d Adding the ability to import emails - WIP 2015-09-14 23:42:29 -05:00
Jordan Wright f51758f8c9 Fixed issue where links and other attributes could not be edited in CKEditor 2015-08-25 22:07:57 -05:00
Jordan Wright ba11f6428c Can now add/delete pages
Fixed test for importing a site - Now actually performs the right test.
2015-08-25 21:03:12 -05:00
Jordan Wright fad36607e4 Importing a site now works fairly well... just need to be able to save the "Landing Page" 2015-08-25 18:56:58 -05:00
Jordan Wright 1ec08d86cf Adding landing page frontend logic - basic page structure at this point 2015-08-23 15:20:28 -05:00
unknown 1cbb223939 Removing angular artifacts 2015-08-15 16:08:09 -05:00
unknown fc2aa71e91 Fixed settings - can now reset password, api key. 2015-08-15 16:03:39 -05:00
unknown ba43e683c2 Added ability to delete templates 2015-08-14 18:27:04 -05:00
unknown d79de6263d Updated templates page to handle PUT vs POST - can now edit templates 2015-08-14 18:24:02 -05:00
unknown a78e92a436 Changed look of donut chart legend
Fixed deleteCampaign tooltip
Moved Result Status styles to an object
Dashboard, Users,  now has fancy loading gif
Now only loading ckeditor from templates and landing pages templates
Starting to add maps (coming soon!)
2015-08-11 21:12:09 -05:00
unknown eacb4ddfd4 Fixed /users endpoint to now have the following functionality:
- Edit
- Delete
Also added group validation on PUT /api/groups/:id
2015-08-05 00:23:05 -05:00
unknown 5cd7268023 Upgraded chartist to v0.9.2 2015-08-04 21:27:21 -05:00
unknown 8c3bb3c04d Made some fixes to the timeline - waiting for chartist to support dynamic timeaxis.
Added legend to campaign_results email donut chart.
2015-08-04 21:27:04 -05:00
unknown 530a60cd08 Fixed tabs on campaign_results
Added email status chart on campaign_results
2015-08-01 15:35:32 -05:00
unknown 4f03224d98 Fixed event timeline chart - should work fairly well 2015-07-30 23:07:54 -05:00
unknown 9df97d9d05 Added some loading gifs to make things seem smoother.
Working on fixing up campaign_results.html endpoint to have the graphs, results table, etc.
2015-07-29 22:31:39 -05:00
unknown 67b28094db Removed highcharts (no longer needed)
Starting to add campaign_results page
2015-07-28 19:31:12 -05:00
unknown bb716bb681 Fixed background color on label-success to be consistent with ui theme 2015-07-27 21:32:21 -05:00
unknown e8d8f030d4 Fixed chart heights, made donut a bit wider
Added dynamic labels for campaign statuses at /campaigns
2015-07-27 21:31:08 -05:00
unknown 674c71e271 Added better donut chart with tooltips and legend. 2015-07-27 21:06:20 -05:00
unknown 1183cc1bee Removed chartjs in favor of chartist-js (better interaction, more customization, etc.)
Made a poc of the dashboard charts - need to work on styling.
Some basic css / nav changes
2015-07-27 19:44:10 -05:00
unknown a2252c1b5b UI fixes
working on campaign results page
2015-07-07 22:31:21 -05:00
unknown 4685b36928 Updated font-awesome to 4.3.0
Added buttons for editing/viewing/deleting objects in the tables (actual functionality to follow)
2015-07-06 22:26:08 -05:00
unknown 8224eb8989 Working on campaign creation - added hogan and typeahead 2015-06-29 23:52:26 -05:00
unknown 1d0636daab Can now create templates (working on edit functionality for all of these) 2015-06-29 19:33:11 -05:00
unknown 62323c170e Fixed csv upload on user import
Added moment.js for date formatting
UI Tweaks on pagination
Attachments are now a datatable (table all the things)
2015-06-27 19:21:46 -05:00
unknown 62fc7b2d97 Made progress handling adding attachments to templates 2015-06-25 02:53:03 -05:00
unknown ca378f835f UI fixes
Got submitting groups working
Fixed CKEditor integration on templates
2015-06-23 23:02:29 -05:00