Merge 98e81edf6f into 9561846979

This PR:

* Updates the versions of various actions used by the CI and release workflows
* Updates the release workflow to use Go version 1.22
* Updates the test matrix to use Go versions 1.21, 1.22, and 1.23

It also updates the CI workflow to run when pull requests are created or changed. This will help give feedback when formatting or tests are broken during a PR.

As a good example of why this is useful, you'll see that I needed to run `gofmt` to get this to pass! We should have caught that earlier and now we'll catch it moving forward.

.github/workflows/ci.yml

@@ -1,5 +1,7 @@
 name: CI
-on: [push]
+on:
+  - pull_request
+  - push
 jobs:
 
   build:
@@ -7,17 +9,17 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        goVer: [1.16, 1.17, 1.18]
+        goVer: [1.21, 1.22, 1.23]
 
     steps:
     - name: Set up Go ${{ matrix.goVer }}
-      uses: actions/setup-go@v1
+      uses: actions/setup-go@v5
       with:
         go-version: ${{ matrix.goVer }}
       id: go
 
     - name: Check out code into the Go module directory
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
 
     - name: Get dependencies
       run: |
@@ -31,4 +33,4 @@ jobs:
       run: diff -u <(echo -n) <(gofmt -d .)
     
     - name: Test
-      run: go test -v ./...
+      run: go test ./...

.github/workflows/release.yml

@@ -38,7 +38,7 @@ jobs:
             - name: Set up Go
               uses: actions/setup-go@v2
               with:
-                go-version: 1.14
+                go-version: 1.22
             - if: matrix.os == 'ubuntu-latest'
               run: sudo apt-get update && sudo apt-get install -y gcc-multilib
             - if: matrix.arch == '386'
@@ -47,7 +47,7 @@ jobs:
               run: echo "RELEASE=gophish-${{ github.event.release.tag_name }}-${{ matrix.releaseos }}-64bit" >> $GITHUB_ENV
             - if: matrix.os == 'windows-latest'
               run: echo "RELEASE=gophish-${{ github.event.release.tag_name }}-${{ matrix.releaseos }}-64bit" | Out-File -FilePath $env:GITHUB_ENV -Append # https://github.com/actions/runner/issues/1636
-            - uses: actions/checkout@v2
+            - uses: actions/checkout@v4
             - name: Build ${{ matrix.goos }}/${{ matrix.arch }}
               run: go build -o ${{ matrix.bin }}
               env:
@@ -55,7 +55,7 @@ jobs:
                 GOARCH: ${{ matrix.arch }}
                 CGO_ENABLED: 1
             - name: Upload to artifacts
-              uses: actions/upload-artifact@v2
+              uses: actions/upload-artifact@v4
               with:
                 name: ${{ env.RELEASE }}
                 path: ${{ matrix.bin }}
@@ -65,8 +65,8 @@ jobs:
         runs-on: ubuntu-latest
         needs: build
         steps:
-            - uses: actions/checkout@v2
+            - uses: actions/checkout@v4
-            - uses: actions/download-artifact@v2
+            - uses: actions/download-artifact@v4
               with:
                 path: bin
             - name: Package Releases
@@ -96,7 +96,7 @@ jobs:
                   done
                 done
             - name: Upload to artifacts
-              uses: actions/upload-artifact@v2
+              uses: actions/upload-artifact@v4
               with:
                 name: releases
                 path: releases/*.zip
@@ -106,7 +106,7 @@ jobs:
         runs-on: ubuntu-latest
         needs: package
         steps:
-            - uses: actions/download-artifact@v2
+            - uses: actions/download-artifact@v4
               with:
                 name: releases
                 path: releases/

controllers/api/user.go

@@ -109,6 +109,7 @@ func (as *Server) Users(w http.ResponseWriter, r *http.Request) {
 			Role:                   role,
 			RoleID:                 role.ID,
 			PasswordChangeRequired: ur.PasswordChangeRequired,
+			AccountLocked:          ur.AccountLocked,
 		}
 		err = models.PutUser(&user)
 		if err != nil {

gophish-main.tf

@@ -0,0 +1,110 @@
+provider "aws" {}
+
+// details of the aws instance
+resource "aws_instance" "example" {
+  ami = "ami-40d5672f"
+  instance_type = "t2.micro"
+  vpc_security_group_ids = ["${aws_security_group.instance.id}"]
+  key_name = "${aws_key_pair.auth.id}"
+
+  tags {
+    Name = "phishing-machine"
+  }
+
+  user_data = <<HEREDOC
+    #!/bin/bash
+    yum update -y
+    yum install wget -y
+    yum install unzip -y
+    su ec2-user
+    cd /home/ec2-user/
+    wget https://getgophish.com/releases/latest/linux/64 -O gophish-linux-64bit.zip
+    unzip gophish-linux-64bit.zip
+    cd gophish-linux-64bit
+    sudo openssl req -newkey rsa:2048 -nodes -keyout gophish.key -x509 -days 365 -out gophish.crt -subj "/C=DE/ST=Example/L=Example/O=example/OU=Cyber"
+    echo '{
+      "admin_server" : {
+        "listen_url" : "0.0.0.0:3333",
+        "use_tls" : true,
+        "cert_path" : "gophish.crt",
+        "key_path" : "gophish.key"
+      },
+      "phish_server" : {
+        "listen_url" : "0.0.0.0:8080",
+        "use_tls" : false,
+        "cert_path" : "example.crt",
+        "key_path": "example.key"
+      },
+      "db_name" : "sqlite3",
+      "db_path" : "gophish.db",
+      "migrations_prefix" : "db/db_"
+    }' > config.json
+    sudo ./gophish
+
+
+HEREDOC
+
+}
+
+// details of security groups
+resource "aws_security_group" "instance" {
+  name = "phishing-machine"
+  description = "Phishing Campaign 2018 - Managed by Terraform"
+  ingress {
+    from_port = 3333
+    to_port = 3333
+    protocol = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  ingress {
+    from_port = 80
+    to_port = 80
+    protocol = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  ingress {
+    from_port = 8080
+    to_port = 8080
+    protocol = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  ingress {
+    from_port = 443
+    to_port = 443
+    protocol = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  ingress {
+    from_port   = 22
+    to_port     = 22
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  egress {
+      from_port = 0
+      to_port = 0
+      protocol = "-1"
+      cidr_blocks = ["0.0.0.0/0"]
+    }
+}
+
+resource "aws_key_pair" "auth" {
+  key_name   = "${var.key_name}"
+  public_key = "${file(var.public_key_path)}"
+}
+
+variable "public_key_path" {
+  description = "Enter the path to the SSH Public Key to add to AWS."
+  default     = "~/.ssh/id_rsa.pub"
+}
+
+variable "key_name" {
+  default     = "example" // insert your keypair name here
+  description = "Desired name of AWS key pair"
+}
+
+
+// outputs ip when running "terraform apply"
+output "public_ip" {
+  value = "${aws_instance.example.public_ip}"
+}

imap/monitor.go

@@ -115,8 +115,8 @@ func (im *Monitor) Shutdown() error {
 	return nil
 }
 
-// checkForNewEmails logs into an IMAP account and checks unread emails
+// checkForNewEmails logs into an IMAP account and checks unread emails for the
-//  for the rid campaign identifier.
+// rid campaign identifier.
 func checkForNewEmails(im models.IMAP) {
 	im.Host = im.Host + ":" + strconv.Itoa(int(im.Port)) // Append port
 	mailServer := Mailbox{