Commit Graph

280 Commits (54d9eb28ff3c925e9f82b9b0cd5db49556dfbb5d)

Author SHA1 Message Date
Jordan Wright 35a8f13990 Improved group CSV parsing. Added ability to download CSV template from the group modal. 2018-06-09 13:22:11 -05:00
Jordan Wright 222399c5f6 De-emphasized campaign report icon while we don't have clients available. 2018-05-24 20:32:08 -05:00
Jordan Wright 3a7a62e9d6 Changed /api/reset to require API key instead of just requiring a valid session. Fixes #1028 2018-03-29 20:59:26 -05:00
Jordan Wright 2131c17c33 Fixing SSRF by requiring an API key for all import endpoints. Fixes #1026 2018-03-26 21:04:22 -05:00
Jordan Wright 9ba3f04d1e For now, avoid rendering the "campaign created" events on the timeline to make things more consolidated. Fixes #999 2018-03-22 22:16:59 -05:00
Jordan Wright f21536da7c Adding "Report Email" Support (#1014)
Adds the capability to report phishing campaigns using an email client extension.

**Note: Gophish does not currently provide an email client extension out of the box. This is simply a mechanism to let existing email client add-ons send report status information to Gophish, and have that information reflected in the dashboard.**
2018-03-18 22:03:00 -05:00
Jordan Wright ea558522a0 Events are now displayed with per-second accuracy. Fixes #909 2018-01-13 18:41:08 -06:00
Jordan Wright 8def08f46d Changed select2 dropdowns to be in alphabetical format. Fixes #899 2018-01-13 18:12:09 -06:00
Jordan Wright 76ece15b71 Email refactoring (#878)
The initial pass at refactoring the way we send emails.
2017-12-09 15:42:07 -06:00
Jordan Wright b742f28f92 Fixing dev dependencies
Fixes #775
Fixes #776
2017-10-02 19:43:23 -05:00
Jordan Wright e785af5c0a Disabled turboThreshold to allow campaign timeline renders for campaigns with > 1k events. Fixes #765
Moved datatables `draw()` functions to the end of a table render, rather than on every row
2017-09-26 21:29:15 -05:00
Jordan Wright 8433882186 Updated papaparse. Changed export csv name to campaign.name - scope.csv syntax. Fixes #751 2017-09-19 20:33:26 -05:00
Jordan Wright 6f81f1f2e2 Making the results map an optional setting stored in localStorage. Fixes #747
Also does more formatting fixes for various files.
2017-09-16 23:30:04 -05:00
Jordan Wright 015ea9bc2d Fixing scrollbar on nested modals. Fixes #598 2017-09-08 22:00:06 -05:00
Jordan Wright ed217cd90e Cleaning up Sending Profile "Send Test Email" modal (plus general formatting cleanup) - Fixes #740 2017-09-05 22:06:22 -05:00
Jordan Wright ac3fe6aeae Fixed issue where imported email wasn't being cleared from modal. Also auto-formatted templates.js 2017-08-28 23:26:51 -05:00
Jordan Wright 58a57589bd Updates all datetimes to use UTC on the backend. This includes a DB migration to convert existing dates.
Fixes #316
2017-08-28 22:48:49 -05:00
Jordan Wright 75600f5812 Moved all charts from Chartist to Highcharts. Closes #680. 2017-08-05 21:12:44 -05:00
Jordan Wright ad45915aa2 Fixed recent campaign status colors on the dashboard (regression from 80c68194a6) 2017-06-19 12:34:45 -05:00
Jordan Wright dd905ecb3a Adding core.js polyfill for IE11 Promises support. Fixes #609. 2017-06-19 11:15:28 -05:00
Jordan Wright 80c68194a6 Updated dashboard to show full final statuses instead of just "Successful" vs "Unsuccessful". 2017-06-18 17:32:18 -05:00
Jordan Wright 1fafe4845f Adding quick stats tooltips (#607)
* Adding a quick stats popup to campaign page (#600)

Added quick stats popup to campaign page

* Adding summarized quick stat tooltips on dashboard
2017-04-27 18:54:33 -05:00
Jordan Wright bddb9fdb28 Changing UI Refresh to a Longer Poll + Manual Refresh (#587)
* Added refresh button and reduced lag for large campaigns (#565)

* Amended refresh function to allow manual refreshes

Moved the function out of document.ready and tied it to the button. Also reduced automatic refresh to 60 seconds, to make it easier for medium - large campaigns to be viewed without lagging.

* Amended refresh function to allow manual refreshes

* Update campaign_results.html

* Re-building the campaign_results JS
2017-04-05 22:20:00 -05:00
Jordan Wright 66c4be3d4f Adding support for custom headers in sending profiles (#544)
Closes #215
Closes #128
2017-02-19 18:43:08 -06:00
Jordan Wright ed980a0861 Moved campaign attributes to use Select2 instead of Typeahead.js 2017-01-29 17:56:38 -06:00
Jordan Wright 7453fd3b48 Added summary routes for groups.
Routes:
/api/groups/summary
/api/groups/:id/summary

The UI is now using these routes for the "Users & Groups" page.
2017-01-14 17:26:04 -06:00
Jordan Wright 9dfe54ac3d Added gulpfile to minify and concat JS + CSS files for faster loading. 2017-01-08 14:35:08 -06:00
Jordan Wright 22834c75a6 Changed default sorting order in campaign tables to show most recent campaigns first. Fixes #426 2017-01-06 17:58:36 -06:00
Jordan Wright b5100156f9 Leveraging the new campaign summary API endpoints in the web UI to help with displaying large campaigns. 2017-01-05 22:54:29 -06:00
Jordan Wright 9982769d0f Making result statuses more granular as part of #505 2017-01-05 17:40:45 -06:00
Jordan Wright 70b62934c1 Now displaying errors in the campaign results. Fixes #456 2016-12-26 17:27:00 -06:00
Jordan Wright b10ac627af Moved drawing the users datatable out of the addTarget method for faster rendering of a large number of imported records. 2016-11-18 22:16:32 -06:00
Jordan Wright 78fa561404 Fixing tracking image checkbox accuracy. Fixes #443 2016-11-18 18:55:17 -06:00
s vignesh bfb7fd11e8 Fixing XSS Vulnerabilities
This pull request fixed XSS vulnerabilities identified in the gophish admin panel.

**Important: These vulnerabilities could only be exploited if someone had access to the admin panel already, and could only exploit the vulnerability against the same account.**
2016-09-15 00:52:58 -04:00
Jordan Wright b7a2af338b Fixing template tracking. Fixes #361 2016-09-14 23:41:53 -05:00
Jordan Wright bccf7f2fd2 Fixing issue where AM/PM are not handled correctly in campaign scheduling 2016-08-16 19:27:01 -05:00
Jordan Wright ac62f33e80 Now capturing IP and User Agent information in event logs. Fixes #280 2016-08-08 18:28:19 -05:00
Jordan Wright 576aa469e9 Adding the ability to replay credentials from the campaign results page 2016-08-06 18:06:18 -05:00
Jordan Wright 528418f16d Removing more unnecessary CKEditor sample files 2016-08-02 23:36:13 -05:00
Jordan Wright e746a86816 Implementing new alert dialogs. 2016-07-11 23:31:11 -05:00
Jordan Wright 737acbdb4e Remove unnecessary CKEditor samples 2016-07-11 22:21:01 -05:00
Jordan Wright 1dbf061d87 Implement the ability to complete a campaign. Fixes #290.
First implementation of new alert format.
2016-07-11 22:11:40 -05:00
Rob Cutmore f88e68077e Add/update table when adding targets via CSV too 2016-07-09 16:15:47 -04:00
Rob Cutmore 21c55c579c Add/update group target as needed
When user submits a new target, target data table is checked for an
existing entry based on target email. If an existing entry is found
then it is updated, otherwise a new row is added to table. Target
email addresses are now converted to lower case to help prevent
duplicates as well.
2016-07-09 15:46:06 -04:00
Rob Cutmore 3996a702fe Clean up formatting of targets modal events 2016-07-09 09:06:30 -04:00
Rob Cutmore 00d1994671 Remove groups from campaign copy (Fixes #295)
An error was being raised when trying to copy groups for a campaign
because the individual targets for a campaign are tracked, not the
groups.
2016-06-13 06:17:11 -04:00
Rob Cutmore aa8f80c694 Add selected group hint in campaign modal 2016-06-11 12:30:26 -04:00
Rob Cutmore 5ca7744270 Fix indentation for group form submit 2016-06-09 08:14:26 -04:00
Rob Cutmore 9ec4dbe917 Fix campaign group removal (fixes #249)
Every time a group was added, the event handler for removing group was
set for all rows in group table. This change ensures the event handler
is only set for the newly added group.
2016-06-09 08:11:51 -04:00
Jordan Wright c5d6792bba Added /campaigns/:id/results endpoint to return campaign summary and make results page much quicker.
Fixes 282.
2016-06-07 22:31:55 -05:00
Jordan Wright 3d5b330c61 Merge branch 'master' of github.com:gophish/gophish 2016-06-07 21:42:31 -05:00
Jordan Wright 082023aae0 Adding the ability to schedule campaigns. Fixes #21 2016-06-07 21:42:09 -05:00
Rob Cutmore 80c799e0cc Clear input after adding group to campaign 2016-06-05 18:00:52 -04:00
Jordan Wright 1933eb7ff1 Adding better error handling for SMTP server
JSBeautify sending_profiles.js
2016-05-30 14:53:32 -05:00
Jordan Wright 8211116375 Fixing some minor xss issues - Fixes #272 2016-05-25 18:35:47 -05:00
Jordan Wright 83a17e8c2d Added early catching of invalid template values. Fixes #193 2016-04-02 18:33:25 -05:00
Jordan Wright 9322d70fce Starting to fix some validation issues. 2016-03-21 19:30:43 -05:00
Jordan Wright 16b225b189 Fixed issue where it will now stay on same page after ajax update 2016-03-19 20:51:42 -05:00
Jordan Wright 52b9eda3b2 Added support for redirect URL's after creds are submitted. Fixes #210 2016-03-18 20:19:13 -05:00
Jordan Wright cfba48a824 Added the ability to convert links on email import to point to the landing page. Fixes #201 2016-03-10 20:35:33 -06:00
Jordan Wright 9d5f8d640f Improved page titles - Fixes #198 2016-03-09 18:17:46 -06:00
Jordan Wright 1062d1b3b8 Adding colors for the timeline 2016-03-08 21:37:30 -06:00
Jordan Wright 76962749b1 Moved "Add Tracking Image" changes to the copy() function 2016-02-29 21:30:20 -06:00
Jordan Wright 78f378fc28 Added better handling of the "Include Tracking Image" option 2016-02-29 21:20:46 -06:00
Jordan Wright 6b61b24f68 Merge branch 'master' into 78-store-smtp-settings
# Conflicts:
#	models/models_test.go
#	static/js/app/landing_pages.js
2016-02-28 22:08:39 -06:00
William Woodson 7d52c8a7ab Update campaign copy function to work with saved SMTP data 2016-02-27 21:13:35 -06:00
William Woodson cc241ea67e Merge remote-tracking branch 'origin/160-clone-campaigns' into 78-store-smtp-settings 2016-02-27 20:08:02 -06:00
William Woodson f1d1d6838b Updated js on sending_profiles page to work with updated /util/send_test_email 2016-02-27 08:34:33 -06:00
Jordan Wright 4810222404 Merge branch '124-capture-passwords' 2016-02-25 20:04:48 -06:00
Jordan Wright b0dd96d088 Merge branch 'master' into 124-capture-passwords 2016-02-25 20:02:15 -06:00
Jordan Wright 44fa8127fc Adding the ability to capture submitted data via the UI. Fixes #124 2016-02-25 19:58:49 -06:00
Jordan Wright 89ae56fb94 Merge pull request #174 from gophish/148-polling
Implemented Polling for Campaign Updates
2016-02-24 21:26:32 -06:00
Jordan Wright 79627d5579 Fixed caret not being saved.
Added realtime updates to timeline
2016-02-24 17:48:54 -06:00
Jordan Wright 0c72e8b69a Added updating of datamaps with new bubbles 2016-02-23 18:50:07 -06:00
Jordan Wright 95fb02bade Cleaning up some logic on updating the email chart legend. 2016-02-23 11:51:43 -06:00
Jordan Wright 53e5508bca Upgrading Datatables 2016-02-22 22:40:33 -06:00
William Woodson ffb14b7927 Created default email template and landing page passed for _send_test_email_ in sending profile page 2016-02-22 22:27:23 -06:00
William Woodson a3376a702f Working on send test email in sending_profiles page 2016-02-22 06:25:29 -06:00
William Woodson a2ee229848 More cleaning up artifacts in modals on edit/copy/new for #143 2016-02-22 05:57:03 -06:00
Jordan Wright f7b63adfbb Added basic polling updates for the charts. Made the call to get campaign results be async. 2016-02-21 20:55:27 -06:00
William Woodson 9c7adb9941 Cleaning up artifacts in modals on edit/copy/new for #143 2016-02-21 17:00:37 -06:00
William Woodson b2eafd07c3 Updated new campaigns modal, send test email modal, and js to use sending profile 2016-02-21 12:04:17 -06:00
William Woodson 3d8126e981 Started frontend work for sending test email from sending_profiles page. This will need to wait for rewrite of /util/send_test_email to send with default template, etc. 2016-02-21 10:40:26 -06:00
William Woodson 2d503ff215 Added Sending Profiles page and sending_profiles.js for interacting with /smtp/ API endpoint 2016-02-21 09:44:36 -06:00
William Woodson 1dd1851ce7 Added functions for handling SMTP objects to gophish.js API client 2016-02-20 21:24:28 -06:00
William Woodson 828e42bc3b Created routes, template, js for sending_profiles page 2016-02-20 17:24:08 -06:00
Jordan Wright 77e38b6c72 Added datatables sorting for dashboard campaigns. Fixes #166. Also formatting fixes. 2016-02-18 18:42:00 -06:00
Jordan Wright a00eaf2096 Initial copy function - need to handle #78 before this will be fully functional 2016-02-17 20:47:16 -06:00
Jordan Wright 81f4e1e097 Added ability to copy templates. Fixes #156 2016-02-15 20:41:07 -06:00
Jordan Wright b51cea7a57 Added the ability to copy landing pages 2016-02-15 20:03:27 -06:00
Jordan Wright 913f444598 Fixing results download in Firefox. Fixes #153 2016-02-15 12:18:21 -06:00
Jordan Wright bbe0163366 Adding checkboxes to handle capturing credentials and passwords 2016-02-13 16:11:45 -06:00
Jordan Wright 12975bf0c3 Adding the JS to handle submitting the "ignore cert errors" with a campaign.
Adding JS to handle showing errors on email submissions
2016-02-12 21:25:49 -06:00
Jordan Wright a0a8a7b8ad Merge pull request #123 from gophish/61-record-browser-post
Capture Credentials Sent via POST
2016-02-02 22:54:42 -06:00
Jordan Wright 99da20abc0 Added table for displaying submitted data. 2016-02-02 22:49:30 -06:00
Jordan Wright 528d8525b1 Added basic table to display results - last step is the JS to dynamically show it. 2016-02-01 21:53:00 -06:00
Jordan Wright ce8a9e5456 Changed status of new targets to "Sending" instead of "Unknown". Fixes #112 2016-02-01 20:42:46 -06:00
Jordan Wright 94e43fe557 Initial commit - adding db migration as well as the logic to add the payload 2016-01-31 19:50:41 -06:00
Jordan Wright d714635e69 Added ability to export raw events. Fixes #102 2016-01-29 13:18:06 -06:00
Jordan Wright 17e81e6caa Added event on sending email error. Fixes #99 2016-01-29 12:34:29 -06:00