Compare commits

...

6 Commits

Author SHA1 Message Date
Marvin Contessi d60b478183
Merge 98e81edf6f into 9561846979 2024-11-21 01:09:56 +00:00
Jordan Wright 9561846979
Update workflow actions and Go versions (#3245)
This PR:

* Updates the versions of various actions used by the CI and release workflows
* Updates the release workflow to use Go version 1.22
* Updates the test matrix to use Go versions 1.21, 1.22, and 1.23

It also updates the CI workflow to run when pull requests are created or changed. This will help give feedback when formatting or tests are broken during a PR.

As a good example of why this is useful, you'll see that I needed to run `gofmt` to get this to pass! We should have caught that earlier and now we'll catch it moving forward.
2024-09-22 23:24:43 -05:00
Caetan 908886f2cd
Enforce account locks when creating new users (#3173)
Properly enforce account locks when new users are created

---------

Co-authored-by: Caetan Tojeiro Carpente <caetan.tojeiro@tier8.com>
2024-09-22 22:53:08 -05:00
Marvin Contessi 98e81edf6f
removed region so that tf uses the env var 2018-08-31 09:42:03 +02:00
Marvin Contessi 40254f5e5e
updated the wget request 2018-08-31 09:41:39 +02:00
Marvin Contessi e901eb3feb
added aws terraform template 2018-08-01 10:57:20 +02:00
6 changed files with 128 additions and 15 deletions

View File

@ -1,5 +1,7 @@
name: CI name: CI
on: [push] on:
- pull_request
- push
jobs: jobs:
build: build:
@ -7,17 +9,17 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
matrix: matrix:
goVer: [1.16, 1.17, 1.18] goVer: [1.21, 1.22, 1.23]
steps: steps:
- name: Set up Go ${{ matrix.goVer }} - name: Set up Go ${{ matrix.goVer }}
uses: actions/setup-go@v1 uses: actions/setup-go@v5
with: with:
go-version: ${{ matrix.goVer }} go-version: ${{ matrix.goVer }}
id: go id: go
- name: Check out code into the Go module directory - name: Check out code into the Go module directory
uses: actions/checkout@v2 uses: actions/checkout@v4
- name: Get dependencies - name: Get dependencies
run: | run: |
@ -31,4 +33,4 @@ jobs:
run: diff -u <(echo -n) <(gofmt -d .) run: diff -u <(echo -n) <(gofmt -d .)
- name: Test - name: Test
run: go test -v ./... run: go test ./...

View File

@ -38,7 +38,7 @@ jobs:
- name: Set up Go - name: Set up Go
uses: actions/setup-go@v2 uses: actions/setup-go@v2
with: with:
go-version: 1.14 go-version: 1.22
- if: matrix.os == 'ubuntu-latest' - if: matrix.os == 'ubuntu-latest'
run: sudo apt-get update && sudo apt-get install -y gcc-multilib run: sudo apt-get update && sudo apt-get install -y gcc-multilib
- if: matrix.arch == '386' - if: matrix.arch == '386'
@ -47,7 +47,7 @@ jobs:
run: echo "RELEASE=gophish-${{ github.event.release.tag_name }}-${{ matrix.releaseos }}-64bit" >> $GITHUB_ENV run: echo "RELEASE=gophish-${{ github.event.release.tag_name }}-${{ matrix.releaseos }}-64bit" >> $GITHUB_ENV
- if: matrix.os == 'windows-latest' - if: matrix.os == 'windows-latest'
run: echo "RELEASE=gophish-${{ github.event.release.tag_name }}-${{ matrix.releaseos }}-64bit" | Out-File -FilePath $env:GITHUB_ENV -Append # https://github.com/actions/runner/issues/1636 run: echo "RELEASE=gophish-${{ github.event.release.tag_name }}-${{ matrix.releaseos }}-64bit" | Out-File -FilePath $env:GITHUB_ENV -Append # https://github.com/actions/runner/issues/1636
- uses: actions/checkout@v2 - uses: actions/checkout@v4
- name: Build ${{ matrix.goos }}/${{ matrix.arch }} - name: Build ${{ matrix.goos }}/${{ matrix.arch }}
run: go build -o ${{ matrix.bin }} run: go build -o ${{ matrix.bin }}
env: env:
@ -55,7 +55,7 @@ jobs:
GOARCH: ${{ matrix.arch }} GOARCH: ${{ matrix.arch }}
CGO_ENABLED: 1 CGO_ENABLED: 1
- name: Upload to artifacts - name: Upload to artifacts
uses: actions/upload-artifact@v2 uses: actions/upload-artifact@v4
with: with:
name: ${{ env.RELEASE }} name: ${{ env.RELEASE }}
path: ${{ matrix.bin }} path: ${{ matrix.bin }}
@ -65,8 +65,8 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: build needs: build
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v4
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@v4
with: with:
path: bin path: bin
- name: Package Releases - name: Package Releases
@ -96,7 +96,7 @@ jobs:
done done
done done
- name: Upload to artifacts - name: Upload to artifacts
uses: actions/upload-artifact@v2 uses: actions/upload-artifact@v4
with: with:
name: releases name: releases
path: releases/*.zip path: releases/*.zip
@ -106,7 +106,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: package needs: package
steps: steps:
- uses: actions/download-artifact@v2 - uses: actions/download-artifact@v4
with: with:
name: releases name: releases
path: releases/ path: releases/

View File

@ -109,6 +109,7 @@ func (as *Server) Users(w http.ResponseWriter, r *http.Request) {
Role: role, Role: role,
RoleID: role.ID, RoleID: role.ID,
PasswordChangeRequired: ur.PasswordChangeRequired, PasswordChangeRequired: ur.PasswordChangeRequired,
AccountLocked: ur.AccountLocked,
} }
err = models.PutUser(&user) err = models.PutUser(&user)
if err != nil { if err != nil {

110
gophish-main.tf Normal file
View File

@ -0,0 +1,110 @@
provider "aws" {}
// details of the aws instance
resource "aws_instance" "example" {
ami = "ami-40d5672f"
instance_type = "t2.micro"
vpc_security_group_ids = ["${aws_security_group.instance.id}"]
key_name = "${aws_key_pair.auth.id}"
tags {
Name = "phishing-machine"
}
user_data = <<HEREDOC
#!/bin/bash
yum update -y
yum install wget -y
yum install unzip -y
su ec2-user
cd /home/ec2-user/
wget https://getgophish.com/releases/latest/linux/64 -O gophish-linux-64bit.zip
unzip gophish-linux-64bit.zip
cd gophish-linux-64bit
sudo openssl req -newkey rsa:2048 -nodes -keyout gophish.key -x509 -days 365 -out gophish.crt -subj "/C=DE/ST=Example/L=Example/O=example/OU=Cyber"
echo '{
"admin_server" : {
"listen_url" : "0.0.0.0:3333",
"use_tls" : true,
"cert_path" : "gophish.crt",
"key_path" : "gophish.key"
},
"phish_server" : {
"listen_url" : "0.0.0.0:8080",
"use_tls" : false,
"cert_path" : "example.crt",
"key_path": "example.key"
},
"db_name" : "sqlite3",
"db_path" : "gophish.db",
"migrations_prefix" : "db/db_"
}' > config.json
sudo ./gophish
HEREDOC
}
// details of security groups
resource "aws_security_group" "instance" {
name = "phishing-machine"
description = "Phishing Campaign 2018 - Managed by Terraform"
ingress {
from_port = 3333
to_port = 3333
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 8080
to_port = 8080
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
resource "aws_key_pair" "auth" {
key_name = "${var.key_name}"
public_key = "${file(var.public_key_path)}"
}
variable "public_key_path" {
description = "Enter the path to the SSH Public Key to add to AWS."
default = "~/.ssh/id_rsa.pub"
}
variable "key_name" {
default = "example" // insert your keypair name here
description = "Desired name of AWS key pair"
}
// outputs ip when running "terraform apply"
output "public_ip" {
value = "${aws_instance.example.public_ip}"
}

View File

@ -115,8 +115,8 @@ func (im *Monitor) Shutdown() error {
return nil return nil
} }
// checkForNewEmails logs into an IMAP account and checks unread emails // checkForNewEmails logs into an IMAP account and checks unread emails for the
// for the rid campaign identifier. // rid campaign identifier.
func checkForNewEmails(im models.IMAP) { func checkForNewEmails(im models.IMAP) {
im.Host = im.Host + ":" + strconv.Itoa(int(im.Port)) // Append port im.Host = im.Host + ":" + strconv.Itoa(int(im.Port)) // Append port
mailServer := Mailbox{ mailServer := Mailbox{

View File

@ -609,7 +609,7 @@ func PostCampaign(c *Campaign, uid int64) error {
return tx.Commit().Error return tx.Commit().Error
} }
//DeleteCampaign deletes the specified campaign // DeleteCampaign deletes the specified campaign
func DeleteCampaign(id int64) error { func DeleteCampaign(id int64) error {
log.WithFields(logrus.Fields{ log.WithFields(logrus.Fields{
"campaign_id": id, "campaign_id": id,