Jordan Wright
2131c17c33
Fixing SSRF by requiring an API key for all import endpoints. Fixes #1026
2018-03-26 21:04:22 -05:00
Jordan Wright
eb2f0e38c7
Better handling of template errors when rendering the phishing page. Fixes #1008 .
2018-03-22 21:29:07 -05:00
Jordan Wright
f21536da7c
Adding "Report Email" Support ( #1014 )
...
Adds the capability to report phishing campaigns using an email client extension.
**Note: Gophish does not currently provide an email client extension out of the box. This is simply a mechanism to let existing email client add-ons send report status information to Gophish, and have that information reflected in the dashboard.**
2018-03-18 22:03:00 -05:00
Jordan Wright
c9ff8714a0
Moved rid parameter to a separate constant. Fixes #911
2018-02-22 23:02:27 -06:00
Jordan Wright
aa8c770e73
Adding "next" parameter to support redirecting after successful login.
2017-12-10 21:40:46 -06:00
Jordan Wright
227da5c7b9
Change failed login status code to 401. Fixes #833
2017-12-10 18:11:32 -06:00
Jordan Wright
76ece15b71
Email refactoring ( #878 )
...
The initial pass at refactoring the way we send emails.
2017-12-09 15:42:07 -06:00
Jordan Wright
26d2ca7344
Fixed some validation weirdness when sending a test email. Fixes #739
2017-09-05 22:35:54 -05:00
Jordan Wright
58a57589bd
Updates all datetimes to use UTC on the backend. This includes a DB migration to convert existing dates.
...
Fixes #316
2017-08-28 22:48:49 -05:00
Jordan Wright
e42302ebf9
Moved phishing handlers into separate file and added a ton of tests.
2017-06-08 23:41:38 -05:00
Jordan Wright
871114a17d
Cleaning up RobotsHandler
2017-04-27 18:14:14 -05:00
Matt D
5f5c8141c9
Add robots.txt handler ( #604 )
...
Disallow all robots from accessing the phishing server, to prevent phishing materials from being indexed during campaigns.
2017-04-27 18:04:22 -05:00
Jordan Wright
d67dcc889a
Don't overwrite status to email opened if the user has already clicked the link or submitted data. Fixes #529
2017-02-23 23:23:05 -06:00
Jordan Wright
7453fd3b48
Added summary routes for groups.
...
Routes:
/api/groups/summary
/api/groups/:id/summary
The UI is now using these routes for the "Users & Groups" page.
2017-01-14 17:26:04 -06:00
Jordan Wright
8738ebbb35
Added campaign summary routes:
...
/api/campaigns/summary
/api/campaigns/:id/summary
This is part of #505
2017-01-05 21:48:54 -06:00
Jordan Wright
9982769d0f
Making result statuses more granular as part of #505
2017-01-05 17:40:45 -06:00
Jordan Wright
a05ee944a6
Added a route to allow paths in URL and still enable tracking. Fixes #498
2016-12-26 16:23:07 -06:00
Jordan Wright
f195a8c7d9
Now recording address and user-agent when tracking pixel is requested. Fixes #427
2016-11-20 23:22:58 -06:00
Jordan Wright
f12af50d46
Adding support for Mysql ( #442 )
...
Thanks, @svigne1!
Fixes #53
2016-11-19 10:37:22 -06:00
Jordan Wright
8f62e77884
Removed unused Location header
2016-11-19 09:16:59 -06:00
Jordan Wright
770bff192a
Merge branch 'master' of https://github.com/gophish/gophish
2016-09-15 00:27:31 -05:00
Jordan Wright
7740bb3e95
Added ability to use {{.URL}} and {{.From}} in landing pages
2016-09-15 00:27:10 -05:00
s vignesh
208b3e098c
Fixing Memory Leak When Importing a Site
2016-09-15 01:03:55 -04:00
Jordan Wright
103fd72cc8
Fixing context issues with Go 1.7.
2016-09-14 22:24:51 -05:00
Jordan Wright
ac62f33e80
Now capturing IP and User Agent information in event logs. Fixes #280
2016-08-08 18:28:19 -05:00
Jordan Wright
33df3c3868
Added the version to the settings page.
2016-08-06 18:58:34 -05:00
Jordan Wright
576aa469e9
Adding the ability to replay credentials from the campaign results page
2016-08-06 18:06:18 -05:00
Jordan Wright
2eb2bf90a1
Added ability to use template values in Landing Pages. Fixes #327
2016-07-24 19:37:14 -05:00
Jordan Wright
1dbf061d87
Implement the ability to complete a campaign. Fixes #290 .
...
First implementation of new alert format.
2016-07-11 22:11:40 -05:00
Rob Cutmore
97c9bd16d1
Fix comments for group API functions
2016-06-23 06:04:35 -04:00
Jordan Wright
c5d6792bba
Added /campaigns/:id/results endpoint to return campaign summary and make results page much quicker.
...
Fixes 282.
2016-06-07 22:31:55 -05:00
Jordan Wright
082023aae0
Adding the ability to schedule campaigns. Fixes #21
2016-06-07 21:42:09 -05:00
Jordan Wright
1933eb7ff1
Adding better error handling for SMTP server
...
JSBeautify sending_profiles.js
2016-05-30 14:53:32 -05:00
Jordan Wright
49b0646454
Fixed static file handling on phishing server + documentation. Fixes #164
2016-03-23 14:11:47 -05:00
Jordan Wright
b10c4b3d3a
Now returning valid tracking image. Fixes #202
2016-03-18 23:35:07 -05:00
Jordan Wright
52b9eda3b2
Added support for redirect URL's after creds are submitted. Fixes #210
2016-03-18 20:19:13 -05:00
Jordan Wright
cfba48a824
Added the ability to convert links on email import to point to the landing page. Fixes #201
2016-03-10 20:35:33 -06:00
Jordan Wright
c979dbd58d
Added support for X-Forwarded-For. Fixes #203
2016-03-10 18:54:30 -06:00
Jordan Wright
219d546a8d
Ignoring SSL cert issues when importing a site. Fixes #200
2016-03-09 18:55:39 -06:00
Jordan Wright
d43a888b26
Updating gorm constructs to support gorm v1.0 released yesterday.
2016-03-08 22:37:55 -06:00
Jordan Wright
6b61b24f68
Merge branch 'master' into 78-store-smtp-settings
...
# Conflicts:
# models/models_test.go
# static/js/app/landing_pages.js
2016-02-28 22:08:39 -06:00
William Woodson
7ca63f55be
gofmt, because that is a thing
2016-02-27 08:37:02 -06:00
William Woodson
80fc04924d
Added handling to /util/send_test_email to use default on empty template and accept a validated SMTP object from send test email workflow on sending profiles page
2016-02-27 08:32:10 -06:00
Jordan Wright
b0dd96d088
Merge branch 'master' into 124-capture-passwords
2016-02-25 20:02:15 -06:00
Jordan Wright
44fa8127fc
Adding the ability to capture submitted data via the UI. Fixes #124
2016-02-25 19:58:49 -06:00
Jordan Wright
553ead7d68
Moved fmt prints to Logger prints
2016-02-21 22:18:34 -06:00
Jordan Wright
7bf2c00356
gofmt'ing
2016-02-21 21:09:14 -06:00
William Woodson
9818410fcf
Updated campaign creation and send_test_email to use settings from sending profile
2016-02-21 12:05:40 -06:00
William Woodson
dde2312183
Updated smtp model and api to support managing SMTP objects as independent entities
2016-02-20 21:08:52 -06:00
William Woodson
12823468d3
Fixed page titles for several routes
2016-02-20 17:46:22 -06:00