Commit Graph

723 Commits (782f80fa1237f243fc209d05aaa98c9954733830)

Author SHA1 Message Date
quelsan 3227437f52 Improved Dockerfile and run script (#1579)
The Dockerfile has also been rebuilt to use an unprivileged user instead
of root.

The run script adds more options and changes the method the
configuration is overwritten, which may help in situations where the
configuration is not owned by the unprivileged user.
2019-10-06 20:18:06 -07:00
Gábor Lipták c3e90183c8 Add Go 1.13 to Travis (#1610) 2019-10-04 16:30:48 -07:00
Jordan Wright 6222c5e180
Upgrade SweetAlert2 Dependency (#1583)
Upgrades the SweetAlert2 dependency to version 8.x.x.

Co-authored-by: Glenn Wilkinson <glenn.wilkinson@gmail.com>
2019-09-10 19:49:23 -05:00
David Maciejak 20295bd96a Remove the Top Navigation Menu
The top navigation menu is redundant to the sidebar. We’re opting to remove it so that we are free to update the sidebar to be more complex over time.
2019-08-29 07:36:04 -05:00
David Maciejak 24fe998a3a Fix multiple XSS issues in User Management Page (#1547)
If the user name is embedding some JS code, it will be executed on the client side. Note: gophish/static/js/dist/app/users.min.js will need to be regenerated too.
2019-08-23 21:07:15 -05:00
Jordan Wright f95e9554c7
Add CORS support for Reporting Handler (#1529)
* Added response headers for CORS and server identification (#1517)

Co-Authored-By: Glenn Wilkinson <glenn.wilkinson@gmail.com>
2019-08-03 20:55:25 -05:00
dependabot[bot] 1f16c7237d Bump lodash from 4.17.11 to 4.17.14 (#1507)
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.14.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.14)

Signed-off-by: dependabot[bot] <support@github.com>
2019-07-18 23:29:45 -05:00
dependabot[bot] d30e9e2e2f Bump lodash.merge from 4.6.1 to 4.6.2 (#1508)
Bumps [lodash.merge](https://github.com/lodash/lodash) from 4.6.1 to 4.6.2.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/commits)

Signed-off-by: dependabot[bot] <support@github.com>
2019-07-18 23:29:10 -05:00
Christian Schwartz 26d99b5a65 Add support for encrypted connections to mysql (#1460) 2019-06-03 22:04:54 -05:00
Jordan Wright a1a2de13a4 Added a check to ensure the target details are correct if manually created.
Fixes #1475
2019-05-31 19:31:16 -05:00
Jordan Wright 84096b8724
Implement User Management API (#1473)
This implements the first pass for a user management API allowing users with the `ModifySystem` permission to create, modify, and delete users. In addition to this, any user is able to use the API to view or modify their own account information.
2019-05-31 13:58:18 -05:00
Gábor Lipták faadf0c850 Add Go 1.12 to Travis (#1472) 2019-05-31 13:42:15 -05:00
David Maciejak de21f608d6 Prevent adding an empty recipient (#1448) 2019-05-30 11:46:45 -05:00
Will Woodson 27553ccc1f Add Dockerfile (#1437)
Added dockerfile
2019-04-25 20:19:18 -05:00
Chris Zietlow 8d95ceb31a Update Sending Profile Message-ID headers (#1417) (#1441)
Adds a default message-ID header to outbound emails.
2019-04-23 17:31:30 -05:00
Jordan Wright 6ca2b76ceb
Update Javascript Dependencies (#1440)
* updated devDependencies, migrated gulpfile.js to gulp 4.0 syntax (#1438)

* Rebuilding JS dependencies with new gulp config. Updated yarn.lock.

Co-authored-by: Christian Schwartz <christian.schwartz@gmail.com>
2019-04-21 16:34:52 -05:00
Jordan Wright 2eb4f4d348
Move API key to Bearer Token (#1439)
* Moved api_key from URL to authorization header in requests (#1434)

* Fixing some minor formatting and rebuilding minified JS
2019-04-21 15:21:36 -05:00
gfrancqu af4c8f61da Wait for db (#1402)
Added a loop that attempts to connect to the configured database.
2019-03-27 22:48:31 -05:00
Jordan Wright 5c753465d1 Quick fix: Forgot to remove api_test.go 2019-03-26 22:20:35 -05:00
Jordan Wright e634cbd670 Moving api_test.go to controllers_test.go 2019-03-26 22:19:18 -05:00
Jordan Wright 1e0a78db30
Refactoring API into separate package for easier management. (#1411) 2019-03-26 22:17:20 -05:00
Russel Van Tuyl 8b27d852d8 Go min version (#1386)
The `github.com/jinzhu/gorm` package uses `sync.Map` which requires go version 1.9
2019-03-10 15:52:47 -05:00
Jordan Wright 11493024a0 Changed MySQL column type for redirect_url to "TEXT" to avoid truncation.
Fixes #1346
2019-02-19 22:00:16 -06:00
Jordan Wright 8d32bc2fab Fixed phishing server log output. Fixes #1345 2019-02-19 21:40:26 -06:00
Jordan Wright 3cec2dabbf
Add Archived Campaigns View (#1367)
* Adding archived view for campaigns (#1334)

* Formatted the code, did some very minor cleanup, and rebuilt the minified JS

Closes #448
2019-02-19 21:30:18 -06:00
Jordan Wright ba8ceb81da
Initial commit of RBAC support. (#1366)
* Initial commit of RBAC support. Closes #1333
2019-02-19 20:33:50 -06:00
Jordan Wright 4ec9f07859 Updating campaign datepicker format to match other date formats. Fixes #1288 2018-12-30 14:26:35 -06:00
Jordan Wright b4ff771b3a Added autocomplete for template tags to the editor for email templates and landing pages. 2018-12-30 00:02:41 -06:00
Jordan Wright 60133b45e8 Updated CKEditor to 4.11.1 2018-12-27 17:23:59 -06:00
Jordan Wright 191ec6e436 Added the CKEditor link dialog fixes to the email templates 2018-12-27 15:04:24 -06:00
Jordan Wright ea97d6257d Cleaned up CKEditor link dialog to be more simple. Related to #1327 2018-12-27 14:54:04 -06:00
Jordan Wright af293da9f5
Adding a Missed SQL Migration (#1330)
* Missed one migration when adding quotes to table names. Related to #1325
2018-12-27 13:26:13 -06:00
Jordan Wright ba967a7244
Added quotes for table names in MySQL migrations to avoid clashing with reserved keywords. Fixes #1325 (#1329) 2018-12-27 10:23:54 -06:00
Jordan Wright 53b3a98521 Deleting maillogs when a campaign is completed to prevent accidental future emails from being sent. Fixes #719 2018-12-15 22:09:15 -06:00
Jordan Wright c14be36e05 Delete maillogs if a campaign is deleted. Fixes #1318 2018-12-15 21:47:40 -06:00
Jordan Wright a73ac4ab7c Fixed various minor linting issues 2018-12-15 21:38:51 -06:00
Jordan Wright 47f0049c30
Refactor servers (#1321)
* Refactoring servers to support custom workers and graceful shutdown.
* Refactoring workers to support custom mailers.
* Refactoring mailer to be an interface, with proper instances instead of a single global instance
* Cleaning up a few things. Locking maillogs for campaigns set to launch immediately to prevent a race condition.
* Cleaning up API middleware to be simpler
* Moving template parameters to separate struct
* Changed LoadConfig to return config object
* Cleaned up some error handling, removing uninitialized global error in models package
* Changed static file serving to use the unindexed package
2018-12-15 15:42:32 -06:00
Jordan Wright 3b248d25c7
Make Campaign Results Pie Chart Consistent with Dashboard (#1272) 2018-11-11 15:37:49 -06:00
Jordan Wright 7fd0657a91
Support Re-enabling CapturePasswords for Landing Pages (#1271)
Fixed a bug when marking the capture password, saving and unmarking the capture password, the attribute does not comeback and the password will never be captured again for this template.
2018-11-11 12:34:26 -06:00
Gábor Lipták 69ffb70b35 Add Go 1.10 and 1.11 to Travis (#1252)
* Add Go 1.10 and 1.11 to Travis

Co-Authored-By: gliptak <gliptak@gmail.com>
2018-10-29 10:30:30 -05:00
Jordan Wright 468da007d5 Added result ID to campaign results view. Fixes #1239 2018-10-18 15:05:59 -05:00
Jordan Wright 326649b177 Updating redirect URL to support template values. Fixes #1235 2018-10-15 16:42:05 -05:00
Jordan Wright ebc099b6c2 Changed modals to avoid exiting when the user clicks outside them. Fixes #1236 2018-10-15 10:40:57 -05:00
Jordan Wright abafe3526b Moved documentation links to point to docs.getgophish.com. 2018-10-11 12:06:36 -05:00
Jordan Wright d6cbc1a936 Minor cleanup for campaign results 2018-10-08 10:49:21 -05:00
Jordan Wright 81da804761 Properly returning 404 error if the requested sending profile isn't found. 2018-10-07 12:37:15 -05:00
Jordan Wright 10aa98b760 Moving logging configuration into its own section of the config 2018-10-06 17:51:49 -05:00
Jordan Wright bef52d36f1 Adding ability to log to file as well as stderr. Fixes #441. Fixes #1209. 2018-10-06 15:47:31 -05:00
Jordan Wright c315867cea Removing console debug statements 2018-10-03 15:00:56 -05:00
Jordan Wright a0c1860a0a Fixed bug when copying campaign.
Fixes #549
Fixes #898
2018-10-03 15:00:08 -05:00