Milan Bharanya
bde7da60dc
Merge 642d5fd7a4
into 8e79294413
2023-09-21 13:57:21 -06:00
Glenn Wilkinson
8e79294413
Added error handling to in-app reporting mechanism
2023-09-15 15:45:30 +01:00
RS
ac9e6a7190
Add DB_NAME to run.sh to support mysql ( #2850 )
...
Adding environment variable DB_NAME to run.sh so that Gophish Container can be set up with mysql/mariadb.
db_name has to be changed in config to mysql for mysql connection to work.
2023-08-22 21:03:39 -05:00
Philipp
04f0fb6dfd
Install ca-certificates on Docker image ( #2888 )
...
The ca-certificates package is necessary for Gophish to connect to webhooks using HTTPS.
2023-08-22 20:50:03 -05:00
Glenn Wilkinson
d2efb18ef1
Updated regex pattern to allow longer TLDs
2022-12-16 17:04:55 +00:00
tcastron
2d08befb6b
Modified "SMTP From" field to avoid SMTP server errors with RFC 5321 ( #2669 )
...
Co-authored-by: Thomas Castronovo <thocastronovo@cic.be>
2022-11-29 16:41:10 +00:00
MBharanya
642d5fd7a4
Add configurable list of filetypes that allow substitutions in attachments
2022-10-19 13:45:16 +02:00
Vivek Kekuda
cec2da5128
Fix new records being added on completing a campaign ( #2599 )
...
There were new records with name '[Deleted]' being added when a campaign was
completed. This used to happen when the resource associated with a campaign
(template, page, profile) was deleted before marking the campaign as
completed. The save gorm call used to upsert these values and ended up adding
rogue records.
2022-10-13 16:16:37 +01:00
Glenn Wilkinson
095a9ba20c
Updated README.md with working source installation instructions (see https://github.com/golang/go/issues/48332 )
2022-09-29 13:21:31 +01:00
Glenn Wilkinson
b1648f0759
Bumped version to 0.12.1
2022-09-14 11:30:00 +01:00
Glenn Wilkinson
06e95c1fb8
Minified campaigns.js #2482
2022-09-14 11:29:18 +01:00
Vivek Kekuda
53537a221a
Fix resource selection during campaign copy ( #2482 )
...
Clear the selection of resource (template, page, profile) whenever the original
resource is deleted and there is only one currently available resource present
in the DB while copying a campaign. Without this fix, the only available
resource is shown as the original resource, instead of showing [Deleted].
2022-09-14 12:26:29 +02:00
Glenn Wilkinson
2b85a2bda5
Updated release workflow to mitigate set-env vulnerability and fix Windows build
2022-09-14 11:06:03 +01:00
Glenn Wilkinson
a53665b1b6
Updated formatting and CI to be in line with more recent versions of go
2022-09-12 22:05:34 +01:00
Mark Cabanero
78e9a51168
Add Trusted Origins to CSRF Handler ( #2301 )
...
Enables the user to add addresses that they expect incoming connections
to come from. Helpful in cases where TLS termination is handled by a
load balancer upstream, rather than the application itself.
2022-09-06 16:20:19 +02:00
Glenn Wilkinson
3863ad31b9
Fixed issue with sorting by login date of users
2022-08-26 23:09:14 +02:00
Glenn Wilkinson
34f7457294
Update README.md
...
Updated installation command
2022-08-25 15:28:54 +02:00
Glenn Wilkinson
32c0502999
Minified missing sending_profile file ( 741201b
)
2022-08-24 18:00:00 +02:00
Glenn Wilkinson
6b61426aab
Bumped version to 0.12.0
2022-08-12 21:31:43 +02:00
Glenn Wilkinson
90cd444dcb
Minified template.js resolving #2545
2022-08-09 15:24:29 +01:00
Glenn Wilkinson
5ef2d75e72
Fixed Account Locked bug, allowing user accounts to be locked
2022-06-11 11:25:56 +01:00
Glenn Wilkinson
6fb77bf3ce
Fixed formatting from Custom Envelope PR #2334
2022-06-05 21:18:32 +01:00
Glenn Wilkinson
d0ff3829e5
Disallow deleting of admin user from the UI ( #2487 )
2022-06-01 17:01:55 +01:00
Glenn Wilkinson
0c255bbe92
Disallow changing of admin username from the UI ( #2487 )
2022-06-01 16:40:04 +01:00
Bálint József Jánvári
b7c69662ce
Embed or attach files based on their file extension ( #1525 )
...
Embed or attach files based on their file extension:
* Set 'Content-Disposition: inline' for images
* Set 'Content-Disposition: attachment' for other files
2022-06-01 17:14:22 +02:00
Jake Walker
704e6d56b3
Fix modal titles saying new when editing existing content ( #2318 )
2022-04-15 16:28:19 +02:00
ptitdoc
bb516ef7ab
986 custom envelope sender remerge ( #2334 )
...
* Adds the ability to specify an envelope sender in templates (#986 )
Authored-by: ChessSpider <ChessSpider@users.noreply.github.com>
Authored-by: Olivier MEDOC <o_medoc@yahoo.fr>
Authored-by: ptitdoc <ptitdoc@free.fr>
2022-03-25 16:24:49 +01:00
dependabot[bot]
e0acb99734
Bump minimist from 1.2.0 to 1.2.5 ( #2401 )
...
Bumps [minimist](https://github.com/substack/minimist ) from 1.2.0 to 1.2.5.
- [Release notes](https://github.com/substack/minimist/releases )
- [Commits](https://github.com/substack/minimist/compare/1.2.0...1.2.5 )
---
updated-dependencies:
- dependency-name: minimist
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-25 13:10:19 +01:00
dependabot[bot]
eb016a437c
Bump copy-props from 2.0.4 to 2.0.5 ( #2399 )
...
Bumps [copy-props](https://github.com/gulpjs/copy-props ) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/gulpjs/copy-props/releases )
- [Changelog](https://github.com/gulpjs/copy-props/blob/master/CHANGELOG.md )
- [Commits](https://github.com/gulpjs/copy-props/compare/2.0.4...2.0.5 )
---
updated-dependencies:
- dependency-name: copy-props
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-17 15:03:51 +01:00
Kirill
67e304f372
Fix open redirect vulnerability on the login page ( #2262 )
2022-02-16 17:26:51 +01:00
dependabot[bot]
e215132bdf
Bump ajv from 6.10.0 to 6.12.6 ( #2395 )
...
Bumps [ajv](https://github.com/ajv-validator/ajv ) from 6.10.0 to 6.12.6.
- [Release notes](https://github.com/ajv-validator/ajv/releases )
- [Commits](https://github.com/ajv-validator/ajv/compare/v6.10.0...v6.12.6 )
---
updated-dependencies:
- dependency-name: ajv
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-16 16:46:30 +01:00
Glenn Wilkinson
741201b7f0
Added JS for Fix sending profile form ( #2389 )
2022-02-16 15:30:38 +00:00
Mark Steward
1f95efcb7b
Fix sending profile form ( #2389 )
...
Credentials no longer suggested in the Search box in 'Sending Profiles'
2022-02-07 17:12:55 +01:00
Glenn Wilkinson
a6627dfc6b
Added support for templating attachments ( #1936 )
...
The following attachment types support template variables: docx, docm, pptx, xlsx, xlsm, txt, html, ics.
2022-02-02 15:41:27 +01:00
Bilal Retiat
0646f14c99
Updated the Ansible Playbook ( #2138 )
...
* Update Ansible role
* lint Ansible role
* Update Ansible Playbook README
* use python3 packages instead python2
2021-12-23 19:13:43 +01:00
Glenn Wilkinson
ceab0509eb
Merge pull request #2296 from gophish/dependabot/npm_and_yarn/tar-4.4.19
...
Bump tar from 4.4.8 to 4.4.19
2021-12-18 09:49:34 +01:00
Glenn Wilkinson
202ecd3397
Merge pull request #2277 from gophish/dependabot/npm_and_yarn/path-parse-1.0.7
...
Bump path-parse from 1.0.6 to 1.0.7
2021-12-18 09:49:20 +01:00
Glenn Wilkinson
4b106b3fe2
Merge pull request #2211 from gophish/dependabot/npm_and_yarn/browserslist-4.16.6
...
Bump browserslist from 4.6.1 to 4.16.6
2021-12-18 09:49:11 +01:00
Glenn Wilkinson
1d18ea7e01
Merge pull request #2196 from gophish/dependabot/npm_and_yarn/hosted-git-info-2.8.9
...
Bump hosted-git-info from 2.7.1 to 2.8.9
2021-12-18 09:48:50 +01:00
Glenn Wilkinson
b3f0bad5ce
Merge pull request #2195 from gophish/dependabot/npm_and_yarn/lodash-4.17.21
...
Bump lodash from 4.17.19 to 4.17.21
2021-12-18 09:48:41 +01:00
Glenn Wilkinson
12ecfd84cc
Merge pull request #2182 from gophish/dependabot/npm_and_yarn/ssri-6.0.2
...
Bump ssri from 6.0.1 to 6.0.2
2021-12-18 09:48:33 +01:00
Glenn Wilkinson
4814620cdc
Merge pull request #2157 from gophish/dependabot/npm_and_yarn/y18n-3.2.2
...
Bump y18n from 3.2.1 to 3.2.2
2021-12-18 09:48:00 +01:00
dependabot[bot]
003d143641
Bump tar from 4.4.8 to 4.4.19
...
Bumps [tar](https://github.com/npm/node-tar ) from 4.4.8 to 4.4.19.
- [Release notes](https://github.com/npm/node-tar/releases )
- [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/npm/node-tar/compare/v4.4.8...v4.4.19 )
---
updated-dependencies:
- dependency-name: tar
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-09-01 04:00:10 +00:00
dependabot[bot]
f89c85f558
Bump path-parse from 1.0.6 to 1.0.7
...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse ) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases )
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7 )
---
updated-dependencies:
- dependency-name: path-parse
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-08-10 23:42:11 +00:00
dependabot[bot]
5aa3a858cb
Bump browserslist from 4.6.1 to 4.16.6
...
Bumps [browserslist](https://github.com/browserslist/browserslist ) from 4.6.1 to 4.16.6.
- [Release notes](https://github.com/browserslist/browserslist/releases )
- [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md )
- [Commits](https://github.com/browserslist/browserslist/compare/4.6.1...4.16.6 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-25 07:33:27 +00:00
dependabot[bot]
82fd6adf68
Bump hosted-git-info from 2.7.1 to 2.8.9
...
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info ) from 2.7.1 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases )
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md )
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.9 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-10 07:08:01 +00:00
dependabot[bot]
5fc6ba6bef
Bump lodash from 4.17.19 to 4.17.21
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.19 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.19...4.17.21 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-08 15:03:26 +00:00
dependabot[bot]
a5b3b134ba
Bump ssri from 6.0.1 to 6.0.2
...
Bumps [ssri](https://github.com/npm/ssri ) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/npm/ssri/releases )
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md )
- [Commits](https://github.com/npm/ssri/compare/v6.0.1...v6.0.2 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-29 18:52:25 +00:00
dependabot[bot]
f722065018
Bump y18n from 3.2.1 to 3.2.2
...
Bumps [y18n](https://github.com/yargs/y18n ) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/yargs/y18n/releases )
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yargs/y18n/commits )
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-30 15:39:51 +00:00
dependabot[bot]
db63ee978d
Bump yargs-parser from 5.0.0 to 5.0.1 ( #2151 )
2021-03-28 15:40:31 -05:00