cristiancmoises
/
gophish
mirror of https://github.com/gophish/gophish
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
824 Commits
25 Branches
17 Tags
118 MiB
Commit Graph

301 Commits (7c492e474c60480c67096bf580cc9881d9b3c8bb)

Author SHA1 Message Date
BlkPh0x 7c492e474c
Update campaign_results.min.js 
Fixed small oversight
 2023-10-11 11:34:58 +11:00
BlkPh0x 2541c7190b
Update campaign_results.min.js 2023-10-10 13:35:04 +11:00
BlkPh0x 54781b920b
Update campaign_results.min.js 2023-10-10 13:10:52 +11:00
BlkPh0x 14bb02f2d2
Update campaign_results.min.js 
Add simple and clean csv output
 2023-10-05 07:51:49 +11:00
BlkPh0x 0afd378016
Update campaign_results.js 2023-10-04 16:11:56 +11:00
BlkPh0x 90b6f4ec95
Update campaign_results.js 2023-10-04 16:09:47 +11:00
BlkPh0x 1b9b0e5057
Update campaign_results.js 2023-10-04 16:07:00 +11:00
BlkPh0x f249338eb9
Update campaign_results.min.js 2023-10-04 13:45:04 +11:00
BlkPh0x 62261cc1be
Update campaign_results.min.js 2023-10-04 13:38:00 +11:00
Glenn Wilkinson 8e79294413 Added error handling to in-app reporting mechanism 2023-09-15 15:45:30 +01:00
Glenn Wilkinson 06e95c1fb8 Minified campaigns.js #2482 2022-09-14 11:29:18 +01:00
Vivek Kekuda 53537a221a
Fix resource selection during campaign copy (#2482) 
Clear the selection of resource (template, page, profile) whenever the original
resource is deleted and there is only one currently available resource present
in the DB while copying a campaign. Without this fix, the only available
resource is shown as the original resource, instead of showing [Deleted].
 2022-09-14 12:26:29 +02:00
Glenn Wilkinson 3863ad31b9 Fixed issue with sorting by login date of users 2022-08-26 23:09:14 +02:00
Glenn Wilkinson 32c0502999 Minified missing sending_profile file (741201b) 2022-08-24 18:00:00 +02:00
Glenn Wilkinson 90cd444dcb Minified template.js resolving #2545 2022-08-09 15:24:29 +01:00
Glenn Wilkinson d0ff3829e5 Disallow deleting of admin user from the UI (#2487) 2022-06-01 17:01:55 +01:00
Glenn Wilkinson 0c255bbe92 Disallow changing of admin username from the UI (#2487) 2022-06-01 16:40:04 +01:00
Jake Walker 704e6d56b3
Fix modal titles saying new when editing existing content (#2318) 2022-04-15 16:28:19 +02:00
ptitdoc bb516ef7ab
986 custom envelope sender remerge (#2334) 
* Adds the ability to specify an envelope sender in templates (#986)

Authored-by: ChessSpider <ChessSpider@users.noreply.github.com>
Authored-by: Olivier MEDOC <o_medoc@yahoo.fr>
Authored-by: ptitdoc <ptitdoc@free.fr>
 2022-03-25 16:24:49 +01:00
Glenn Wilkinson 741201b7f0 Added JS for Fix sending profile form (#2389) 2022-02-16 15:30:38 +00:00
Mark Steward 1f95efcb7b
Fix sending profile form (#2389) 
Credentials no longer suggested in the Search box in 'Sending Profiles'
 2022-02-07 17:12:55 +01:00
Glenn Wilkinson ced5261678
Added functionality to lock accounts (+bug fix) (#2060) 
* Added functionality to lock accounts

* Fixed typo and added test case for locked account
 2020-12-07 08:56:05 -06:00
Jordan Wright 3c490dbadb Updated JS from #1976 2020-09-30 22:00:15 -05:00
Glenn Wilkinson b53cff0c98
Added functionality to display last user login (#1967) 
Added functionality to display last login time for each user in the User Management page.
 2020-09-30 21:06:08 -05:00
Jordan Wright c1d3c7cd75 Modified frontend reporting logic to be more flexible with campaigns that include a path in their URL. 
Fixes #1985
 2020-09-23 21:15:19 -05:00
Jordan Wright 735880c398 Creating minified JS file from chnages in #1909 2020-08-08 15:04:59 -05:00
Glenn Wilkinson 0558da90fe
Added support to allow invalid IMAP certificates (#1909) 
This commit allows self-signed certificates to be used in upstream IMAP connections.
 2020-08-08 15:03:42 -05:00
Jordan Wright 90fed5a575 Added escaping for error message in sending profile hostname 2020-08-06 22:21:41 -05:00
Jordan Wright b684fb4ebd Fixing issue where campaigns aren't showing up in the archived tab if they have been marked as completed. 
Fixes #1892
 2020-07-25 14:47:37 -05:00
Jordan Wright 19ef924d89 Properly escaping server output when a request is made to ping a malicious webhook URL. 
Fixes #1901
 2020-07-24 23:04:55 -05:00
Jordan Wright b25f5ac5e4 Updated PapaParse config to prevent CSV injection. 
I've updated the PapaParse JS library to the latest version from the master branch which supports the `escapeForumlae` option in order to prevent malicious event entries from being parsed and executed by the Gophish user's spreadsheet software.

When a new PapaParse release is created, I'll update this code to use the updated minified file.
 2020-07-24 22:44:24 -05:00
Jordan Wright 4e9b94b641 Fixed validation when setting IMAP hostname 2020-07-17 22:40:10 -05:00
Jordan Wright bb7de8df3e
Initial Implementation of a Password Policy (#1867) 
This PR adds the initial work to implement a password policy as defined in #1538.

Specifically, this implements the following

* Rate limiting for the login handler
* Implementing the ability for system admins to require a user to reset their password
* Implementing a password policy that requires passwords to be a minimum of 8 characters
* Removes the default password (gophish) for admin users to instead have the password randomly generated when Gophish first starts up
* Adds a password strength meter when choosing a new password

Fixes #1538
 2020-06-19 22:03:51 -05:00
Jordan Wright ec8b17238e General code cleanup as part of an effort to integrate staticcheck into our CI pipeline. 2020-05-25 21:46:36 -05:00
Jordan Wright b57210f6e7 Rebuilt JS files from #1812 2020-05-24 22:24:57 -05:00
Jordan Wright b29544c208 Rebuilding JS files from #1838 2020-05-23 12:56:18 -05:00
Prasoon Dwivedi 353639e168
Use GroupsSummary to create and copy campaign (#1838) 
The Groups (get all groups and associated targets) call is used while
loading the modal for creating and copying a campaign. As the Groups API gets
all the associated targets for a groups as well, it slows the system
considerably if there are large number of groups and targets (~200
groups each with ~100-10000 targets).
As targets are not really needed in this workflow, this call can be
replaced by the GroupsSummary call.
 2020-05-23 12:51:43 -05:00
Jordan Wright 726e3c96ac Rebuilding JS files from #1830 2020-05-08 21:02:05 -05:00
Prasoon Dwivedi 116c2a7e7e
Load datatable rows all at once (#1830) 
This change modifies how we populate DataTables to draw the table only once vs. drawing it when we add each new row. This should result in tables loading quicker.
 2020-05-03 22:03:58 -05:00
Glenn Wilkinson 38a6a77c9c
Added ability to allow admin to 'su' to other accounts (#1812) 
* Added ability to allow admin to 'su' to other accounts

* Naming convention and user message modifications

* Removed debug statement
 2020-04-27 18:19:20 -05:00
Jordan Wright 118d9899d6 Updated minified scripts from #1772 2020-03-15 12:41:19 -05:00
Paul Werther c0be58aa3d
Add "mark as reported" to results table (#1772) 
This commit adds the ability to mark a result as reported directly from the campaign results view.
 2020-03-15 12:38:51 -05:00
Jordan Wright 2e3aacd22d
Remove Unused Variable (#1774) 
The timeline_series_data variable is created twice before using it. This resolves that.
 2020-03-05 07:28:17 -06:00
Jordan Wright ecb6d46914 Rebuilding minified JS to support #1722 2020-01-18 12:49:34 -06:00
Glenn Wilkinson 9de32746ee Added IMAP support for checking reported emails (#1612) 
Initial support of managing reporting through IMAP.

Co-Authored-By: Jordan Wright <jmwright798@gmail.com>
 2020-01-18 11:58:34 -06:00
Jordan Wright 01287e0dd5 Minor cleanup on webhook feature integration 
- Ran gofmt
- Rebuilt minified static files
- Updated validation payload
 2019-12-15 22:07:55 -06:00
Alex Maslakov 28cd7a238e Add Webhook Support 
Adds support for managing outgoing webhooks. Closes #1602
 2019-12-15 20:27:21 -06:00
Jordan Wright 6222c5e180
Upgrade SweetAlert2 Dependency (#1583) 
Upgrades the SweetAlert2 dependency to version 8.x.x.

Co-authored-by: Glenn Wilkinson <glenn.wilkinson@gmail.com>
 2019-09-10 19:49:23 -05:00
David Maciejak 24fe998a3a Fix multiple XSS issues in User Management Page (#1547) 
If the user name is embedding some JS code, it will be executed on the client side. Note: gophish/static/js/dist/app/users.min.js will need to be regenerated too.
 2019-08-23 21:07:15 -05:00
Jordan Wright a1a2de13a4 Added a check to ensure the target details are correct if manually created. 
Fixes #1475
 2019-05-31 19:31:16 -05:00