Commit Graph

165 Commits (326649b177d0953f9dff6aad70800f4b7964e93f)

Author SHA1 Message Date
Jordan Wright 6b61b24f68 Merge branch 'master' into 78-store-smtp-settings
# Conflicts:
#	models/models_test.go
#	static/js/app/landing_pages.js
2016-02-28 22:08:39 -06:00
William Woodson 7ca63f55be gofmt, because that is a thing 2016-02-27 08:37:02 -06:00
William Woodson 80fc04924d Added handling to /util/send_test_email to use default on empty template and accept a validated SMTP object from send test email workflow on sending profiles page 2016-02-27 08:32:10 -06:00
Jordan Wright b0dd96d088 Merge branch 'master' into 124-capture-passwords 2016-02-25 20:02:15 -06:00
Jordan Wright 44fa8127fc Adding the ability to capture submitted data via the UI. Fixes #124 2016-02-25 19:58:49 -06:00
Jordan Wright 553ead7d68 Moved fmt prints to Logger prints 2016-02-21 22:18:34 -06:00
Jordan Wright 7bf2c00356 gofmt'ing 2016-02-21 21:09:14 -06:00
William Woodson 9818410fcf Updated campaign creation and send_test_email to use settings from sending profile 2016-02-21 12:05:40 -06:00
William Woodson dde2312183 Updated smtp model and api to support managing SMTP objects as independent entities 2016-02-20 21:08:52 -06:00
William Woodson 12823468d3 Fixed page titles for several routes 2016-02-20 17:46:22 -06:00
William Woodson 0e1fe9eb0e Created API endpoint smtp for storing SMTP server config 2016-02-20 17:24:08 -06:00
William Woodson 828e42bc3b Created routes, template, js for sending_profiles page 2016-02-20 17:24:08 -06:00
Jordan Wright 3d9e447992 Removing support for empty passwords - fixes #149 2016-02-13 16:37:12 -06:00
Jordan Wright fdfeafa1ec Restricted registration to only logged in users. Fixes #137 2016-02-09 22:19:06 -06:00
Jordan Wright 62ffbcceda Added check on email open to avoid overwriting the click/data submit events. Fixes #119 2016-02-08 19:50:21 -06:00
Jordan Wright 94e43fe557 Initial commit - adding db migration as well as the logic to add the payload 2016-01-31 19:50:41 -06:00
Jordan Wright 32aaa15da7 Added documentation for multiple endpoints. Fixes #54 2016-01-24 20:47:16 -06:00
Jordan Wright e4d6e68147 Added ability to send a test email before launching a campaign 2016-01-24 20:03:53 -06:00
Jordan Wright 379edf73a3 Adding first round of database migrations using goose 2016-01-18 21:13:32 -06:00
William Woodson 44852546e0 Added UseTLS config option for both Admin and Phish servers 2016-01-17 10:45:13 -06:00
Jordan Wright 1d8ac6f9f3 Added better logging for campaign retrieval 2016-01-16 23:51:01 -06:00
William Woodson 3a0fa4f93f Update bcrypt dependency and code moved to gophish group 2016-01-10 11:04:03 -06:00
Jordan Wright c6cd018536 Added IP, Lat and Lon to models.Result. Closes #47
Added basic mapping on campaign results. Closes #51
2016-01-04 00:04:10 -06:00
Jordan Wright 594aef49a5 First draft of moving api docs to aglio - WIP 2015-12-25 22:09:32 -06:00
Jordan Wright 014efb449e Moved <base> tag to start of <head> tag. Fixes #42 2015-10-23 18:16:54 -05:00
Jordan Wright 01c3da611b PhishHandler now loads landing page content. Fixes #37
Now supports autocomplete for modal typeahead. Fixes #40
Users can now specify landing pages in campaigns. Fixes #39
Implemented "Email Opened" status. Fixes #38
2015-10-22 22:29:10 -05:00
Jordan Wright 47619a8426 Fixing CSRF Exceptions 2015-10-03 15:55:06 -05:00
Jordan Wright 906c4e8a93 Adjusted CSRF whitelisted paths so remove dependency on / in path.
Fixes #31
2015-10-03 15:16:11 -05:00
Jordan Wright b45a72618d Adding the ability to import emails - WIP 2015-09-14 23:42:29 -05:00
Jordan Wright ba11f6428c Can now add/delete pages
Fixed test for importing a site - Now actually performs the right test.
2015-08-25 21:03:12 -05:00
Jordan Wright 54fe866d71 Added /api/import/site functionality 2015-08-23 20:42:47 -05:00
unknown fc2aa71e91 Fixed settings - can now reset password, api key. 2015-08-15 16:03:39 -05:00
unknown eacb4ddfd4 Fixed /users endpoint to now have the following functionality:
- Edit
- Delete
Also added group validation on PUT /api/groups/:id
2015-08-05 00:23:05 -05:00
unknown 0e496bdf73 Migrated settings (at least it loads).
Working on making the template syntax consistent across all the files, cleaning them up, etc.
2015-06-21 16:10:47 -05:00
unknown e1eadc3892 Re-organizing files to use Jquery instead of Angular 2015-06-15 16:49:16 -05:00
unknown 7af35237a7 Working on tracking and email handling - want to make it as smooth as possible
Removed flash that shouldn't have been on the campaigns page
Added small time delay to prevent connection overload - might remove it later, but it'll be tricky
2015-06-12 23:12:43 -05:00
unknown 03b25f5fee Cleaning up a bit of controllers.js #12
Working on site clone and email import
2015-06-12 18:22:17 -05:00
unknown 66dbe2e799 Cleaned up error messages - *all* errors in JSON format
Cleaned up flashes - fixes #13
Added specified errors - more to come soon
Added Campaign validation
Added Group validation
Cleaned up the way angular errors are handled. Will double check, but for the most part fixes #11
Results are now shown on the webui with most recent shown first
Added comments, additional cleanup, etc.
2015-02-21 00:11:22 -06:00
unknown 73e395cfe0 - Cleanup up flash messages for templates. Will fix for everything else later.
- Also fixed #5 with the help from CKEditor devs (duplicate ticket found)
2015-02-17 20:49:09 -06:00
unknown 759f86447d Working on importing emails from source (still doesn't work yet!) 2015-02-15 21:53:30 -06:00
unknown 4211abe78b Previewing Landing pages in a different window seems to work now.
Working on getting some site clone functionality working.
2015-02-08 18:37:07 -06:00
unknown f21d40d77a Registration works again.
Additional cleanup, removing unused code
2015-02-07 17:30:22 -06:00
unknown 669d96d279 More work implementing pages.
More cleanup - changing *all* API errors to be returned via JSON
Fixed bug where /api/pages/ was not csrf exempt
Changed db column/table names to be more user friendly in the case of acronyms (Id, SMTP, etc.)
2015-02-07 14:31:41 -06:00
unknown c8be0ddb74 Still working on pages integration. Added skeleton for page HTML previewing in a new browser.
Additional cleanup, documentation
Changed return values for /api/templates and /api/pages to return empty array [] if no results (like /api/campaigns was already doing)
2015-02-07 10:41:53 -06:00
unknown c318424ac0 Starting to integrate landing page functionality (still not working).
Also did some minor cleanup.
2015-02-06 20:24:10 -06:00
unknown d567153d2a Time to get back to work - starting with some simple comment fixes. 2015-01-28 17:56:56 -06:00
Jordan 33b9ec2196 Bug fixes on PUT /api/template
Hotfix for buffer issue in worker.go.. going to find out the root cause and fix it properly
2014-08-07 05:48:52 -05:00
Jordan 86dca67a5a Finished implementing PUT /templates/:id
Now deleting events on campaign deletion
Added some minor UI fixes and changes
2014-07-23 21:04:38 -05:00
Jordan cc2ae713e5 Made models more consistent
Added UserId field to result (for use in looking up campaign when result is clicked)
2014-07-06 21:34:02 -05:00
Jordan ad3e69e6ae Fixed PUT /api/template/:id - Works now! 2014-07-06 13:06:18 -05:00
Jordan 02c7c4b5b1 Moved models.Result into its own file
Added initial dashboard template (some updates and changes will be needed)
Added some documentation
2014-07-01 20:32:34 -05:00
Jordan 0f603e6501 Added http handler for phishing endpoint - Will add content soon
Updated config.go to reflect the new changes
2014-06-29 16:44:16 -05:00
Jordan efec86ae56 Added util package for handling misc. tasks
Added basic (*not finished*) functionality for handling bulk user insert
2014-06-21 21:06:16 -05:00
Jordan 01901c9008 Decoupling campaign.go a bit
Added #!/campaigns route so that #!/ can be used for a dashboard in the future
2014-06-21 12:19:49 -05:00
Jordan af44dbb07c Changed writeJSON to JSONResponse and added a status code argument 2014-06-02 20:56:30 -05:00
Jordan 96cefc4931 Cleaned up possible (very unlikely?) permission issue
Better logging in controllers module
DRY changes to API
Added Data attribute to models.Response struct
Added GetTemplateByName (will be used in filling out campaign)
Changed modal to be 800px on large screens for better previews
2014-06-01 23:38:21 -05:00
Jordan 31aa5614a0 Moving JSON Responses to a standard Response object
Added cursor:pointer styling to dropdown menus
2014-06-01 22:30:23 -05:00
Jordan 3dd22e8d7c Moved JSON encoding to helper function because DRY. 2014-05-29 11:57:33 -05:00
Jordan 7b39096e3f Added async settings update
Removed /settings GET endpoint (not needed, since AngularJS in use)
TODO: Move the anon struct in use to a model as appropriate
2014-05-28 23:29:41 -05:00
Jordan 25cbaf92ce Changed templates to have a 1-1 relationship with user (will implement sharing differently later)
Working on implementing /api/template/:id methods
Removed API_Campaigns_Id_Launch method (will just POST using template from angularjs scope later)
2014-05-28 18:48:30 -05:00
Jordan 9b216c5466 Major design change - more dashboard-ish.
Working on more angularjs + gophish abstraction. Gophish for backend, AngularJS for the frontend
Moved templates to partials for angular
Using FlatUI color scheme
2014-05-26 20:29:12 -05:00
Jordan 8c1bb58fe2 Added validation for campaigns... I'm considering making everything branch off of a Model Interface with Get(), Put(), Post(), and Delete(), etc. Might make things cleaner.
Added better error messages on the UI side
2014-03-28 00:21:42 -05:00
Jordan 7c50f4dbb4 Initial commit of worker.go (Still work to do)
Moved constants to models.go
Changed Campaign.Template to be an actual template (will need to adjust all the methods to handle it)
Added UpdateCampaignStatus function to update a campaign status
2014-03-27 23:31:51 -05:00
Jordan f0e7ac46c8 Integrated gorm with templates - Gorm integration complete
Updated groups to belong to one user. I may make a Team and TeamGroups, and TeamUsers m2m relationships later.
Added another test - more on the way soon.
2014-03-27 13:19:57 -05:00
Jordan 5740ee3273 Fixed bug in POSTing campaign
Removed gorp initialization code from models.go
2014-03-26 14:50:16 -05:00
Jordan e137126a90 Working on gorm integration
TODO:
[ ] Finish up groups (many-to-many with group_targets)
[ ] Convert Template models
2014-03-25 23:53:51 -05:00
Jordan 584d7dbc23 Major refactoring - modularized models into separate files. Removed db package (moved to models)
I will be looking to migrate to gorm (instead of gorp) soon!
2014-03-24 22:31:33 -05:00
Jordan 4dd9a5cc53 Checking for no targets on PUT /groups/:id 2014-03-24 19:12:04 -05:00
Jordan b3e3dd8ff1 Added "templates" Template, View, and Route
Added "unsafe" filter per stackoverflow
Updated side nav to include links to "/templates"
2014-03-18 15:20:34 -05:00
Jordan ef371f68bd Set StrictSlash on API router to automatically redirect to correct url if slash is not provided 2014-03-18 13:58:08 -05:00
Jordan 9b94971a1d Implementing Template API calls (todo: PUT, DELETE)
Cleaning up documentation for templates
Bugfix for DB Tables
2014-03-16 22:18:48 -05:00
Jordan 3f30d08bf5 Working on implementing templates 2014-03-16 22:02:06 -05:00
Jordan 5f1bd43344 Working on adding campaign results page 2014-03-13 15:12:03 -05:00
Jordan 77ea41c2f9 Added some error checking
Added flashes on campaign modal (coming soon to group modal)
2014-02-19 19:40:23 -06:00
Jordan 1e52267bfa Added ability to create campaigns
Need to improve GetCampaign() and GetCampaigns() to include Results and Groups
2014-02-18 14:22:16 -06:00
Jordan 2420e19e15 Implemented DELETE /api/groups/:id 2014-02-13 12:05:22 -06:00
Jordan 631cd1ad13 Fixed the way Angular POSTS data
Added error code to checkError to support responses such as BadRequest, NotFound, etc.
2014-02-12 10:43:54 -06:00
Jordan cdc776ec03 Implemented PUT /api/groups/:id
Updated documentation of functions in db module (other modules to come)
Created consistency in API documentation
2014-02-11 17:32:29 -06:00
Jordan c68bb5ab71 Added Swagger API Docs
Will work on trying to make the look more consistent later.
2014-02-11 11:39:36 -06:00
Jordan eb8491c144 Implemented ChangePassword() (now password can be changed from /settings)
A couple of UI fixes in tables
2014-02-10 13:02:44 -06:00
Jordan d72bc4b7df Updated interfacing with ng-table module. Will propagate changes to campaigns soon.
Updated footer copyright year
Cleaned up tables in templates
2014-02-10 01:15:36 -06:00
Jordan b471a886e3 Updated angular ui to support adding group
Updated POST /api/groups/ to successfully add group
Fixed CSRF in API issue
Moved PUT and DELETE to /api/groups/:id (TODO: Implement)
Changed SQL to use user_id instead of API key
It is now possible to add a new group! Will propagate logic to campaigns soon.
2014-02-09 19:34:47 -06:00
Jordan 6cbc47e80c Added ng-table support (for future pagination, sorting, etc.)
Created services for campaigns/groups
Changed modals to be binded to the data. Will improve on this soon!
Added trailing slash to api endpoints (I hope to be able to remove this later)
2014-02-07 19:40:16 -06:00
Jordan f1aade0bfa Quick bugfixes
Added dropdown to dashboard table
2014-02-06 21:36:00 -06:00
Jordan 12d86c7e13 Moved Group insertion to db.PostGroup()
Stubbed db.DeleteGroup()
Added better logging to db (Logging to come soon for all other packages)
2014-02-06 19:16:29 -06:00
Jordan cfd4e23b2b Updated API (/api/groups) 2014-02-06 13:30:05 -06:00
Jordan 4b97a88238 Fixed issues with GET /api/groups
Group names must now be unique (there's a bug here, but it will be fixed soon!)
2014-02-06 11:14:51 -06:00
Jordan 40cd2ae837 Cleaned up some errors
Implemented using db.* helpers (ie GetUser)
Implemented ChangePassword (not reachable from UI currently)
Fixed angular issue in settings.html template
2014-02-06 10:49:53 -06:00
Jordan af7a8f4c4e Added easier support for Flashes
Moving DB access (as much as possible) into `db` package.
2014-02-05 10:57:53 -06:00
Jordan 0bb9dc186c Finished implementing first version of GET, POST /api/groups 2014-02-04 21:53:11 -06:00
Jordan fb6cdb5caf Implementing /api/groups functionality. POST is almost working :) 2014-02-04 21:08:09 -06:00
Jordan 50292da53f Implemented Registration
Created auth.GenerateSecureKey to handle generating API Keys
2014-02-04 18:39:01 -06:00
Jordan 359fa01c1c Cleaned up csrf exemptions
Cleaned up models
Added UNIQUE constraint on many-many tables
Added form parsing/ userid from API key lookup in middleware
2014-02-04 15:23:09 -06:00
Jordan 7045c7f3e2 Refined CSRF Protection Exempt Glob (/api/* to /api/*/*) to provide CSRF protection /api/reset
Added stub for /api/campaigns/:id/launch
2014-02-03 23:41:31 -06:00
Jordan e0e15221b1 Updated README
Added CSRF Protection to login, /api/reset functions
Added auto highlighting of API key when clicked
2014-02-03 17:21:56 -06:00
Jordan ca884fd384 Implemented Logout function 2014-02-02 16:55:26 -06:00
Jordan 43417d160f Cleaning up some broken links
Changed default admin password to 'gophish'
Fixed bug in POST /api/campaigns
Starting to implements groups and users functionality
2014-02-02 16:37:36 -06:00
Jordan e312e90570 Added ability to reset API token
Cleaned up session flash handling
2014-02-02 14:47:06 -06:00
Jordan 2cfe2b8f8f Cleaning up documentation
Added targets, groups, group_target tables
2014-02-01 16:35:16 -06:00
Jordan 3edcc11e61 Cleaning up router
/campaigns - depreciated
/api/doc - now /api/
2014-01-31 21:49:35 -06:00