Jordan Wright
f7dee1e938
Removed directory listing of static assets. Fixes #1077 . Fixes #815
2018-05-23 23:03:48 -05:00
Jordan Wright
5d23263898
Moved logging to logrus package. Not perfect yet (still want to update the access logs), but should set the foundation to make better logging in the future.
2018-05-03 19:07:41 -05:00
Jordan Wright
5f3c94d0cf
Add support for authenticating to the API via an Authorization Bearer token.
2018-04-21 12:19:58 -05:00
Jordan Wright
3a7a62e9d6
Changed /api/reset to require API key instead of just requiring a valid session. Fixes #1028
2018-03-29 20:59:26 -05:00
Jordan Wright
2131c17c33
Fixing SSRF by requiring an API key for all import endpoints. Fixes #1026
2018-03-26 21:04:22 -05:00
Jordan Wright
eb2f0e38c7
Better handling of template errors when rendering the phishing page. Fixes #1008 .
2018-03-22 21:29:07 -05:00
Jordan Wright
f21536da7c
Adding "Report Email" Support ( #1014 )
...
Adds the capability to report phishing campaigns using an email client extension.
**Note: Gophish does not currently provide an email client extension out of the box. This is simply a mechanism to let existing email client add-ons send report status information to Gophish, and have that information reflected in the dashboard.**
2018-03-18 22:03:00 -05:00
Jordan Wright
c9ff8714a0
Moved rid parameter to a separate constant. Fixes #911
2018-02-22 23:02:27 -06:00
Jordan Wright
aa8c770e73
Adding "next" parameter to support redirecting after successful login.
2017-12-10 21:40:46 -06:00
Jordan Wright
227da5c7b9
Change failed login status code to 401. Fixes #833
2017-12-10 18:11:32 -06:00
Jordan Wright
76ece15b71
Email refactoring ( #878 )
...
The initial pass at refactoring the way we send emails.
2017-12-09 15:42:07 -06:00
Jordan Wright
26d2ca7344
Fixed some validation weirdness when sending a test email. Fixes #739
2017-09-05 22:35:54 -05:00
Jordan Wright
58a57589bd
Updates all datetimes to use UTC on the backend. This includes a DB migration to convert existing dates.
...
Fixes #316
2017-08-28 22:48:49 -05:00
Jordan Wright
e42302ebf9
Moved phishing handlers into separate file and added a ton of tests.
2017-06-08 23:41:38 -05:00
Jordan Wright
871114a17d
Cleaning up RobotsHandler
2017-04-27 18:14:14 -05:00
Matt D
5f5c8141c9
Add robots.txt handler ( #604 )
...
Disallow all robots from accessing the phishing server, to prevent phishing materials from being indexed during campaigns.
2017-04-27 18:04:22 -05:00
Jordan Wright
d67dcc889a
Don't overwrite status to email opened if the user has already clicked the link or submitted data. Fixes #529
2017-02-23 23:23:05 -06:00
Jordan Wright
7453fd3b48
Added summary routes for groups.
...
Routes:
/api/groups/summary
/api/groups/:id/summary
The UI is now using these routes for the "Users & Groups" page.
2017-01-14 17:26:04 -06:00
Jordan Wright
8738ebbb35
Added campaign summary routes:
...
/api/campaigns/summary
/api/campaigns/:id/summary
This is part of #505
2017-01-05 21:48:54 -06:00
Jordan Wright
9982769d0f
Making result statuses more granular as part of #505
2017-01-05 17:40:45 -06:00
Jordan Wright
a05ee944a6
Added a route to allow paths in URL and still enable tracking. Fixes #498
2016-12-26 16:23:07 -06:00
Jordan Wright
f195a8c7d9
Now recording address and user-agent when tracking pixel is requested. Fixes #427
2016-11-20 23:22:58 -06:00
Jordan Wright
f12af50d46
Adding support for Mysql ( #442 )
...
Thanks, @svigne1!
Fixes #53
2016-11-19 10:37:22 -06:00
Jordan Wright
8f62e77884
Removed unused Location header
2016-11-19 09:16:59 -06:00
Jordan Wright
770bff192a
Merge branch 'master' of https://github.com/gophish/gophish
2016-09-15 00:27:31 -05:00
Jordan Wright
7740bb3e95
Added ability to use {{.URL}} and {{.From}} in landing pages
2016-09-15 00:27:10 -05:00
s vignesh
208b3e098c
Fixing Memory Leak When Importing a Site
2016-09-15 01:03:55 -04:00
Jordan Wright
103fd72cc8
Fixing context issues with Go 1.7.
2016-09-14 22:24:51 -05:00
Jordan Wright
ac62f33e80
Now capturing IP and User Agent information in event logs. Fixes #280
2016-08-08 18:28:19 -05:00
Jordan Wright
33df3c3868
Added the version to the settings page.
2016-08-06 18:58:34 -05:00
Jordan Wright
576aa469e9
Adding the ability to replay credentials from the campaign results page
2016-08-06 18:06:18 -05:00
Jordan Wright
2eb2bf90a1
Added ability to use template values in Landing Pages. Fixes #327
2016-07-24 19:37:14 -05:00
Jordan Wright
1dbf061d87
Implement the ability to complete a campaign. Fixes #290 .
...
First implementation of new alert format.
2016-07-11 22:11:40 -05:00
Rob Cutmore
97c9bd16d1
Fix comments for group API functions
2016-06-23 06:04:35 -04:00
Jordan Wright
c5d6792bba
Added /campaigns/:id/results endpoint to return campaign summary and make results page much quicker.
...
Fixes 282.
2016-06-07 22:31:55 -05:00
Jordan Wright
082023aae0
Adding the ability to schedule campaigns. Fixes #21
2016-06-07 21:42:09 -05:00
Jordan Wright
1933eb7ff1
Adding better error handling for SMTP server
...
JSBeautify sending_profiles.js
2016-05-30 14:53:32 -05:00
Jordan Wright
49b0646454
Fixed static file handling on phishing server + documentation. Fixes #164
2016-03-23 14:11:47 -05:00
Jordan Wright
b10c4b3d3a
Now returning valid tracking image. Fixes #202
2016-03-18 23:35:07 -05:00
Jordan Wright
52b9eda3b2
Added support for redirect URL's after creds are submitted. Fixes #210
2016-03-18 20:19:13 -05:00
Jordan Wright
cfba48a824
Added the ability to convert links on email import to point to the landing page. Fixes #201
2016-03-10 20:35:33 -06:00
Jordan Wright
c979dbd58d
Added support for X-Forwarded-For. Fixes #203
2016-03-10 18:54:30 -06:00
Jordan Wright
219d546a8d
Ignoring SSL cert issues when importing a site. Fixes #200
2016-03-09 18:55:39 -06:00
Jordan Wright
d43a888b26
Updating gorm constructs to support gorm v1.0 released yesterday.
2016-03-08 22:37:55 -06:00
Jordan Wright
6b61b24f68
Merge branch 'master' into 78-store-smtp-settings
...
# Conflicts:
# models/models_test.go
# static/js/app/landing_pages.js
2016-02-28 22:08:39 -06:00
William Woodson
7ca63f55be
gofmt, because that is a thing
2016-02-27 08:37:02 -06:00
William Woodson
80fc04924d
Added handling to /util/send_test_email to use default on empty template and accept a validated SMTP object from send test email workflow on sending profiles page
2016-02-27 08:32:10 -06:00
Jordan Wright
b0dd96d088
Merge branch 'master' into 124-capture-passwords
2016-02-25 20:02:15 -06:00
Jordan Wright
44fa8127fc
Adding the ability to capture submitted data via the UI. Fixes #124
2016-02-25 19:58:49 -06:00
Jordan Wright
553ead7d68
Moved fmt prints to Logger prints
2016-02-21 22:18:34 -06:00