Commit Graph

63 Commits (304aa3b6b7afd4e58ce8c90fced19776318cd578)

Author SHA1 Message Date
Stuart Small afa00e2a9c
Add ability to provide initial API key on service standup (#1883) 2020-07-01 22:06:31 -05:00
Jordan Wright bf76f86ea4 Adds environment variable to set the initial admin password
This change adds a `GOPHISH_INITIAL_ADMIN_PASSWORD` environment variable so that system administrators can set the initial admin password rather than having it randomly generated. This is especially useful in automated deployment scenarios, or scenarios using Docker (ref #1876, #1874)
2020-06-25 08:31:28 -05:00
Jordan Wright bb7de8df3e
Initial Implementation of a Password Policy (#1867)
This PR adds the initial work to implement a password policy as defined in #1538.

Specifically, this implements the following

* Rate limiting for the login handler
* Implementing the ability for system admins to require a user to reset their password
* Implementing a password policy that requires passwords to be a minimum of 8 characters
* Removes the default password (gophish) for admin users to instead have the password randomly generated when Gophish first starts up
* Adds a password strength meter when choosing a new password

Fixes #1538
2020-06-19 22:03:51 -05:00
Jordan Wright 0961e22126 Removed unneeded print statement 2020-05-25 20:55:00 -05:00
Jordan Wright be459e47bf
Refactoring tests to remove stretchr/testify dependency 2020-02-01 21:44:50 -06:00
Alex Maslakov 28cd7a238e Add Webhook Support
Adds support for managing outgoing webhooks. Closes #1602
2019-12-15 20:27:21 -06:00
Christian Schwartz 26d99b5a65 Add support for encrypted connections to mysql (#1460) 2019-06-03 22:04:54 -05:00
gfrancqu af4c8f61da Wait for db (#1402)
Added a loop that attempts to connect to the configured database.
2019-03-27 22:48:31 -05:00
Jordan Wright ba8ceb81da
Initial commit of RBAC support. (#1366)
* Initial commit of RBAC support. Closes #1333
2019-02-19 20:33:50 -06:00
Jordan Wright a73ac4ab7c Fixed various minor linting issues 2018-12-15 21:38:51 -06:00
Jordan Wright 47f0049c30
Refactor servers (#1321)
* Refactoring servers to support custom workers and graceful shutdown.
* Refactoring workers to support custom mailers.
* Refactoring mailer to be an interface, with proper instances instead of a single global instance
* Cleaning up a few things. Locking maillogs for campaigns set to launch immediately to prevent a race condition.
* Cleaning up API middleware to be simpler
* Moving template parameters to separate struct
* Changed LoadConfig to return config object
* Cleaned up some error handling, removing uninitialized global error in models package
* Changed static file serving to use the unindexed package
2018-12-15 15:42:32 -06:00
Jordan Wright 5d23263898
Moved logging to logrus package. Not perfect yet (still want to update the access logs), but should set the foundation to make better logging in the future. 2018-05-03 19:07:41 -05:00
Jordan Wright f21536da7c
Adding "Report Email" Support (#1014)
Adds the capability to report phishing campaigns using an email client extension.

**Note: Gophish does not currently provide an email client extension out of the box. This is simply a mechanism to let existing email client add-ons send report status information to Gophish, and have that information reflected in the dashboard.**
2018-03-18 22:03:00 -05:00
Jordan Wright 0f4ac70049
Fixed the way the initial admin is created to better support MySQL installations. Fixes #948 2018-02-08 19:04:59 -06:00
Shuhei Kitagawa 405bc5effe Refactor GetUserByUsername method not to suppress an error (#920)
Also adding some other tests for the User models.
2018-01-11 18:37:38 -06:00
Jordan Wright 76ece15b71
Email refactoring (#878)
The initial pass at refactoring the way we send emails.
2017-12-09 15:42:07 -06:00
Jordan Wright f12af50d46 Adding support for Mysql (#442)
Thanks, @svigne1!

Fixes #53
2016-11-19 10:37:22 -06:00
Jordan Wright 43cbc1d65f Fixed issue with incomplete campaign creation with large user counts. Fixes #436. Fixes #368 2016-11-18 22:01:38 -06:00
Jordan Wright b00e6746d5 Potential fix for database locking issue. Fixes #331 2016-08-02 23:28:22 -05:00
Jordan Wright d43a888b26 Updating gorm constructs to support gorm v1.0 released yesterday. 2016-03-08 22:37:55 -06:00
Jordan Wright a0a8a7b8ad Merge pull request #123 from gophish/61-record-browser-post
Capture Credentials Sent via POST
2016-02-02 22:54:42 -06:00
Jordan Wright ce8a9e5456 Changed status of new targets to "Sending" instead of "Unknown". Fixes #112 2016-02-01 20:42:46 -06:00
Jordan Wright 94e43fe557 Initial commit - adding db migration as well as the logic to add the payload 2016-01-31 19:50:41 -06:00
Jordan Wright 17e81e6caa Added event on sending email error. Fixes #99 2016-01-29 12:34:29 -06:00
Jordan Wright 379edf73a3 Adding first round of database migrations using goose 2016-01-18 21:13:32 -06:00
Jordan Wright fc6d556742 Caused API key to be generated dynamically for admin user. Fixes #60 2016-01-12 20:46:17 -06:00
William Woodson 3a0fa4f93f Update bcrypt dependency and code moved to gophish group 2016-01-10 11:04:03 -06:00
Jordan Wright 3bbd6b7ca1 Fixing labels on dashboard
Added "Emails Sent" campaign status
2015-09-27 22:25:38 -05:00
Jordan Wright abafb02586 Fixed issue where database wasn't getting created properly on Linux distros. 2015-08-28 18:27:49 -05:00
unknown f21d40d77a Registration works again.
Additional cleanup, removing unused code
2015-02-07 17:30:22 -06:00
unknown c318424ac0 Starting to integrate landing page functionality (still not working).
Also did some minor cleanup.
2015-02-06 20:24:10 -06:00
Jordan 83ab6ffb52 Working on adding support for template file attachments 2014-07-12 13:46:38 -05:00
Jordan cc2ae713e5 Made models more consistent
Added UserId field to result (for use in looking up campaign when result is clicked)
2014-07-06 21:34:02 -05:00
Jordan 02c7c4b5b1 Moved models.Result into its own file
Added initial dashboard template (some updates and changes will be needed)
Added some documentation
2014-07-01 20:32:34 -05:00
Jordan 49da412538 Adding handling for campaign events
Cleaned up user import button
Cleaning up modal interfacing
Added ability to set result status
2014-06-25 21:01:01 -05:00
Jordan db24496fb0 Adding logic to handle getting the template for a campaign
Added SMTP Model
Added better flash support in controllers.js
Added SMTP Options accordion in campaign modal
2014-06-03 13:27:20 -05:00
Jordan 96cefc4931 Cleaned up possible (very unlikely?) permission issue
Better logging in controllers module
DRY changes to API
Added Data attribute to models.Response struct
Added GetTemplateByName (will be used in filling out campaign)
Changed modal to be 800px on large screens for better previews
2014-06-01 23:38:21 -05:00
Jordan 31aa5614a0 Moving JSON Responses to a standard Response object
Added cursor:pointer styling to dropdown menus
2014-06-01 22:30:23 -05:00
Jordan 25cbaf92ce Changed templates to have a 1-1 relationship with user (will implement sharing differently later)
Working on implementing /api/template/:id methods
Removed API_Campaigns_Id_Launch method (will just POST using template from angularjs scope later)
2014-05-28 18:48:30 -05:00
Jordan 7c50f4dbb4 Initial commit of worker.go (Still work to do)
Moved constants to models.go
Changed Campaign.Template to be an actual template (will need to adjust all the methods to handle it)
Added UpdateCampaignStatus function to update a campaign status
2014-03-27 23:31:51 -05:00
Jordan f0e7ac46c8 Integrated gorm with templates - Gorm integration complete
Updated groups to belong to one user. I may make a Team and TeamGroups, and TeamUsers m2m relationships later.
Added another test - more on the way soon.
2014-03-27 13:19:57 -05:00
Jordan cb9c405f46 Added better testing with gocheck
Fixed some typos leading to syntax errors
TODO: Finish up gorm integration into templates
2014-03-26 21:42:07 -05:00
Jordan 5740ee3273 Fixed bug in POSTing campaign
Removed gorp initialization code from models.go
2014-03-26 14:50:16 -05:00
Jordan 6e5361b210 Continuing gorm integration
Todo:
Templates
2014-03-26 14:32:48 -05:00
Jordan e137126a90 Working on gorm integration
TODO:
[ ] Finish up groups (many-to-many with group_targets)
[ ] Convert Template models
2014-03-25 23:53:51 -05:00
Jordan 92af237258 Changed the init to Setup() for better control over DB creation 2014-03-24 22:38:59 -05:00
Jordan 584d7dbc23 Major refactoring - modularized models into separate files. Removed db package (moved to models)
I will be looking to migrate to gorm (instead of gorp) soon!
2014-03-24 22:31:33 -05:00
Jordan b3e411c54c Adding DB table for template attachments (coming soon)
Cleanup API docs for campaigns
Added "omitempty" for Campaign model
2014-03-18 18:08:17 -05:00
Jordan 9b94971a1d Implementing Template API calls (todo: PUT, DELETE)
Cleaning up documentation for templates
Bugfix for DB Tables
2014-03-16 22:18:48 -05:00
Jordan 3f30d08bf5 Working on implementing templates 2014-03-16 22:02:06 -05:00