Commit Graph

64 Commits (ad20017981d872d51976df03a518b7db43e6c1e2)

Author SHA1 Message Date
Glenn Wilkinson 0558da90fe
Added support to allow invalid IMAP certificates (#1909)
This commit allows self-signed certificates to be used in upstream IMAP connections.
2020-08-08 15:03:42 -05:00
Jordan Wright bb7de8df3e
Initial Implementation of a Password Policy (#1867)
This PR adds the initial work to implement a password policy as defined in #1538.

Specifically, this implements the following

* Rate limiting for the login handler
* Implementing the ability for system admins to require a user to reset their password
* Implementing a password policy that requires passwords to be a minimum of 8 characters
* Removes the default password (gophish) for admin users to instead have the password randomly generated when Gophish first starts up
* Adds a password strength meter when choosing a new password

Fixes #1538
2020-06-19 22:03:51 -05:00
Glenn Wilkinson 9de32746ee Added IMAP support for checking reported emails (#1612)
Initial support of managing reporting through IMAP.

Co-Authored-By: Jordan Wright <jmwright798@gmail.com>
2020-01-18 11:58:34 -06:00
Chris Zietlow f570a611db Fix webhooks db migration. (#1697) 2019-12-18 17:57:13 -06:00
Alex Maslakov 28cd7a238e Add Webhook Support
Adds support for managing outgoing webhooks. Closes #1602
2019-12-15 20:27:21 -06:00
Jordan Wright 11493024a0 Changed MySQL column type for redirect_url to "TEXT" to avoid truncation.
Fixes #1346
2019-02-19 22:00:16 -06:00
Jordan Wright ba8ceb81da
Initial commit of RBAC support. (#1366)
* Initial commit of RBAC support. Closes #1333
2019-02-19 20:33:50 -06:00
Jordan Wright af293da9f5
Adding a Missed SQL Migration (#1330)
* Missed one migration when adding quotes to table names. Related to #1325
2018-12-27 13:26:13 -06:00
Jordan Wright ba967a7244
Added quotes for table names in MySQL migrations to avoid clashing with reserved keywords. Fixes #1325 (#1329) 2018-12-27 10:23:54 -06:00
Jordan Wright 7dcf30f277
Add Support for Timed Campaigns (#1184)
This builds on the work from @c-f in #1090 to fully add support for "timed" campaigns, in which the emails are spaced apart as opposed to all being sent at once.
2018-09-02 11:17:52 -05:00
Jordan Wright da6091e021 Add migration to change MySQL storage of HTML to be mediumtext to hold larger HTML pages. Fixes #1067 2018-06-09 18:10:27 -05:00
Jordan Wright ebb6cd61b2 Implemented the ability to preview landing pages when sending a test email. 2018-06-08 21:20:52 -05:00
Jordan Wright 420410b52c Refactored result updating to be in result.go.
Added the modified_date field to results so it's easy to keep track of the last results that were modified without having to parse every event. Updated the tests to reflect the changes.
2018-05-26 21:26:34 -05:00
Jordan Wright f21536da7c
Adding "Report Email" Support (#1014)
Adds the capability to report phishing campaigns using an email client extension.

**Note: Gophish does not currently provide an email client extension out of the box. This is simply a mechanism to let existing email client add-ons send report status information to Gophish, and have that information reflected in the dashboard.**
2018-03-18 22:03:00 -05:00
Thiago-Medeiros a5c6ffb572 Fix MySQL syntax error in maillogs migration.
update autoincrement -> auto_increment
add ";" after drop table
2018-01-07 16:43:26 -06:00
Jordan Wright 76ece15b71
Email refactoring (#878)
The initial pass at refactoring the way we send emails.
2017-12-09 15:42:07 -06:00
Jordan Wright 58a57589bd Updates all datetimes to use UTC on the backend. This includes a DB migration to convert existing dates.
Fixes #316
2017-08-28 22:48:49 -05:00
Jordan Wright 66c4be3d4f Adding support for custom headers in sending profiles (#544)
Closes #215 
Closes #128
2017-02-19 18:43:08 -06:00
Jordan Wright 9982769d0f Making result statuses more granular as part of #505 2017-01-05 17:40:45 -06:00
s vignesh ab1ac797a9 Attachment Bug Fix (#471)
Fixes issue with cropped attachments.
2016-12-02 17:38:20 -06:00
Jordan Wright f12af50d46 Adding support for Mysql (#442)
Thanks, @svigne1!

Fixes #53
2016-11-19 10:37:22 -06:00
Jordan Wright 082023aae0 Adding the ability to schedule campaigns. Fixes #21 2016-06-07 21:42:09 -05:00
Jordan Wright 52b9eda3b2 Added support for redirect URL's after creds are submitted. Fixes #210 2016-03-18 20:19:13 -05:00
William Woodson 5afaea8d6d Remove attempt to migrate from existing SMTP since it is unsafe in multi user environments and confusing + breaks relationships when entries are de-duped. 2016-02-27 21:24:24 -06:00
William Woodson 56c9ea070b Fixed isses with SMTP table migration: better names on created objects, all SMTP records are imported with appropriate user_id, entries are de-duped based on user_id:host:from_address tuple 2016-02-27 19:38:54 -06:00
William Woodson 3e69a4f4e8 Update 20160221001538_0.1.2_store-smtp-settings.sql
Makes more sense to use campaigns.id in this select
2016-02-22 20:11:02 -06:00
William Woodson 5b1ffe39b7 Fixed issue with smtp table migration from 0.1.2 db 2016-02-21 13:20:56 -06:00
William Woodson 5b89fb04eb Fixing issues in SMTP model and db schema. Add interface_type to support future sending interfaces beyond SMTP. 2016-02-21 09:46:25 -06:00
William Woodson b7396fa149 Added DB columns to SMTP table 2016-02-20 21:08:32 -06:00
William Woodson 5077ba9f1f Added DB migration to support storing SMTP settings as independent objects 2016-02-20 19:55:44 -06:00
Jordan Wright bf55c03fc9 Adding position attribute for models.Result. Fixes #163. 2016-02-17 21:25:06 -06:00
Jordan Wright 80333a93ec Adding ignore_cert_errors in SMTP schema 2016-02-12 21:23:35 -06:00
Jordan Wright 94e43fe557 Initial commit - adding db migration as well as the logic to add the payload 2016-01-31 19:50:41 -06:00
Jordan Wright 379edf73a3 Adding first round of database migrations using goose 2016-01-18 21:13:32 -06:00
Jordan 584d7dbc23 Major refactoring - modularized models into separate files. Removed db package (moved to models)
I will be looking to migrate to gorm (instead of gorp) soon!
2014-03-24 22:31:33 -05:00
Jordan bfdf9ca00e Added autofocus
PUT /api/groups/:id can now update the group name and modified date
2014-03-19 20:27:09 -05:00
Jordan b3e411c54c Adding DB table for template attachments (coming soon)
Cleanup API docs for campaigns
Added "omitempty" for Campaign model
2014-03-18 18:08:17 -05:00
Jordan 9b94971a1d Implementing Template API calls (todo: PUT, DELETE)
Cleaning up documentation for templates
Bugfix for DB Tables
2014-03-16 22:18:48 -05:00
Jordan 3f30d08bf5 Working on implementing templates 2014-03-16 22:02:06 -05:00
Jordan 5f1bd43344 Working on adding campaign results page 2014-03-13 15:12:03 -05:00
Jordan 77ea41c2f9 Added some error checking
Added flashes on campaign modal (coming soon to group modal)
2014-02-19 19:40:23 -06:00
Jordan 1e52267bfa Added ability to create campaigns
Need to improve GetCampaign() and GetCampaigns() to include Results and Groups
2014-02-18 14:22:16 -06:00
Jordan 2420e19e15 Implemented DELETE /api/groups/:id 2014-02-13 12:05:22 -06:00
Jordan cdc776ec03 Implemented PUT /api/groups/:id
Updated documentation of functions in db module (other modules to come)
Created consistency in API documentation
2014-02-11 17:32:29 -06:00
Jordan d72bc4b7df Updated interfacing with ng-table module. Will propagate changes to campaigns soon.
Updated footer copyright year
Cleaned up tables in templates
2014-02-10 01:15:36 -06:00
Jordan b471a886e3 Updated angular ui to support adding group
Updated POST /api/groups/ to successfully add group
Fixed CSRF in API issue
Moved PUT and DELETE to /api/groups/:id (TODO: Implement)
Changed SQL to use user_id instead of API key
It is now possible to add a new group! Will propagate logic to campaigns soon.
2014-02-09 19:34:47 -06:00
Jordan f1aade0bfa Quick bugfixes
Added dropdown to dashboard table
2014-02-06 21:36:00 -06:00
Jordan 12d86c7e13 Moved Group insertion to db.PostGroup()
Stubbed db.DeleteGroup()
Added better logging to db (Logging to come soon for all other packages)
2014-02-06 19:16:29 -06:00
Jordan cfd4e23b2b Updated API (/api/groups) 2014-02-06 13:30:05 -06:00
Jordan 4b97a88238 Fixed issues with GET /api/groups
Group names must now be unique (there's a bug here, but it will be fixed soon!)
2014-02-06 11:14:51 -06:00