mirror of https://github.com/gophish/gophish
Compare commits
4 Commits
bde7da60dc
...
4d7910fec8
Author | SHA1 | Date |
---|---|---|
Milan Bharanya | 4d7910fec8 | |
Jordan Wright | 9561846979 | |
Caetan | 908886f2cd | |
MBharanya | 642d5fd7a4 |
|
@ -1,5 +1,7 @@
|
||||||
name: CI
|
name: CI
|
||||||
on: [push]
|
on:
|
||||||
|
- pull_request
|
||||||
|
- push
|
||||||
jobs:
|
jobs:
|
||||||
|
|
||||||
build:
|
build:
|
||||||
|
@ -7,17 +9,17 @@ jobs:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
goVer: [1.16, 1.17, 1.18]
|
goVer: [1.21, 1.22, 1.23]
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Set up Go ${{ matrix.goVer }}
|
- name: Set up Go ${{ matrix.goVer }}
|
||||||
uses: actions/setup-go@v1
|
uses: actions/setup-go@v5
|
||||||
with:
|
with:
|
||||||
go-version: ${{ matrix.goVer }}
|
go-version: ${{ matrix.goVer }}
|
||||||
id: go
|
id: go
|
||||||
|
|
||||||
- name: Check out code into the Go module directory
|
- name: Check out code into the Go module directory
|
||||||
uses: actions/checkout@v2
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: Get dependencies
|
- name: Get dependencies
|
||||||
run: |
|
run: |
|
||||||
|
@ -31,4 +33,4 @@ jobs:
|
||||||
run: diff -u <(echo -n) <(gofmt -d .)
|
run: diff -u <(echo -n) <(gofmt -d .)
|
||||||
|
|
||||||
- name: Test
|
- name: Test
|
||||||
run: go test -v ./...
|
run: go test ./...
|
||||||
|
|
|
@ -38,7 +38,7 @@ jobs:
|
||||||
- name: Set up Go
|
- name: Set up Go
|
||||||
uses: actions/setup-go@v2
|
uses: actions/setup-go@v2
|
||||||
with:
|
with:
|
||||||
go-version: 1.14
|
go-version: 1.22
|
||||||
- if: matrix.os == 'ubuntu-latest'
|
- if: matrix.os == 'ubuntu-latest'
|
||||||
run: sudo apt-get update && sudo apt-get install -y gcc-multilib
|
run: sudo apt-get update && sudo apt-get install -y gcc-multilib
|
||||||
- if: matrix.arch == '386'
|
- if: matrix.arch == '386'
|
||||||
|
@ -47,7 +47,7 @@ jobs:
|
||||||
run: echo "RELEASE=gophish-${{ github.event.release.tag_name }}-${{ matrix.releaseos }}-64bit" >> $GITHUB_ENV
|
run: echo "RELEASE=gophish-${{ github.event.release.tag_name }}-${{ matrix.releaseos }}-64bit" >> $GITHUB_ENV
|
||||||
- if: matrix.os == 'windows-latest'
|
- if: matrix.os == 'windows-latest'
|
||||||
run: echo "RELEASE=gophish-${{ github.event.release.tag_name }}-${{ matrix.releaseos }}-64bit" | Out-File -FilePath $env:GITHUB_ENV -Append # https://github.com/actions/runner/issues/1636
|
run: echo "RELEASE=gophish-${{ github.event.release.tag_name }}-${{ matrix.releaseos }}-64bit" | Out-File -FilePath $env:GITHUB_ENV -Append # https://github.com/actions/runner/issues/1636
|
||||||
- uses: actions/checkout@v2
|
- uses: actions/checkout@v4
|
||||||
- name: Build ${{ matrix.goos }}/${{ matrix.arch }}
|
- name: Build ${{ matrix.goos }}/${{ matrix.arch }}
|
||||||
run: go build -o ${{ matrix.bin }}
|
run: go build -o ${{ matrix.bin }}
|
||||||
env:
|
env:
|
||||||
|
@ -55,7 +55,7 @@ jobs:
|
||||||
GOARCH: ${{ matrix.arch }}
|
GOARCH: ${{ matrix.arch }}
|
||||||
CGO_ENABLED: 1
|
CGO_ENABLED: 1
|
||||||
- name: Upload to artifacts
|
- name: Upload to artifacts
|
||||||
uses: actions/upload-artifact@v2
|
uses: actions/upload-artifact@v4
|
||||||
with:
|
with:
|
||||||
name: ${{ env.RELEASE }}
|
name: ${{ env.RELEASE }}
|
||||||
path: ${{ matrix.bin }}
|
path: ${{ matrix.bin }}
|
||||||
|
@ -65,8 +65,8 @@ jobs:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
needs: build
|
needs: build
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v2
|
- uses: actions/checkout@v4
|
||||||
- uses: actions/download-artifact@v2
|
- uses: actions/download-artifact@v4
|
||||||
with:
|
with:
|
||||||
path: bin
|
path: bin
|
||||||
- name: Package Releases
|
- name: Package Releases
|
||||||
|
@ -96,7 +96,7 @@ jobs:
|
||||||
done
|
done
|
||||||
done
|
done
|
||||||
- name: Upload to artifacts
|
- name: Upload to artifacts
|
||||||
uses: actions/upload-artifact@v2
|
uses: actions/upload-artifact@v4
|
||||||
with:
|
with:
|
||||||
name: releases
|
name: releases
|
||||||
path: releases/*.zip
|
path: releases/*.zip
|
||||||
|
@ -106,7 +106,7 @@ jobs:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
needs: package
|
needs: package
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/download-artifact@v2
|
- uses: actions/download-artifact@v4
|
||||||
with:
|
with:
|
||||||
name: releases
|
name: releases
|
||||||
path: releases/
|
path: releases/
|
||||||
|
|
12
config.json
12
config.json
|
@ -19,5 +19,17 @@
|
||||||
"logging": {
|
"logging": {
|
||||||
"filename": "",
|
"filename": "",
|
||||||
"level": ""
|
"level": ""
|
||||||
|
},
|
||||||
|
"attachments": {
|
||||||
|
"plain_text_file_list": [
|
||||||
|
".txt",
|
||||||
|
".html",
|
||||||
|
".ics",
|
||||||
|
".ps1",
|
||||||
|
".bat",
|
||||||
|
".vbs",
|
||||||
|
".sh",
|
||||||
|
".py"
|
||||||
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
|
@ -26,6 +26,11 @@ type PhishServer struct {
|
||||||
KeyPath string `json:"key_path"`
|
KeyPath string `json:"key_path"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Attachments represents the handling of attachments in emails
|
||||||
|
type Attachments struct {
|
||||||
|
PlainTextFileList []string `json:"plain_text_file_list"`
|
||||||
|
}
|
||||||
|
|
||||||
// Config represents the configuration information.
|
// Config represents the configuration information.
|
||||||
type Config struct {
|
type Config struct {
|
||||||
AdminConf AdminServer `json:"admin_server"`
|
AdminConf AdminServer `json:"admin_server"`
|
||||||
|
@ -37,6 +42,7 @@ type Config struct {
|
||||||
TestFlag bool `json:"test_flag"`
|
TestFlag bool `json:"test_flag"`
|
||||||
ContactAddress string `json:"contact_address"`
|
ContactAddress string `json:"contact_address"`
|
||||||
Logging *log.Config `json:"logging"`
|
Logging *log.Config `json:"logging"`
|
||||||
|
Attachments Attachments `json:"attachments"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// Version contains the current gophish version
|
// Version contains the current gophish version
|
||||||
|
|
|
@ -26,7 +26,19 @@ var validConfig = []byte(`{
|
||||||
"db_name": "sqlite3",
|
"db_name": "sqlite3",
|
||||||
"db_path": "gophish.db",
|
"db_path": "gophish.db",
|
||||||
"migrations_prefix": "db/db_",
|
"migrations_prefix": "db/db_",
|
||||||
"contact_address": ""
|
"contact_address": "",
|
||||||
|
"attachments": {
|
||||||
|
"plain_text_file_list": [
|
||||||
|
".txt",
|
||||||
|
".html",
|
||||||
|
".ics",
|
||||||
|
".ps1",
|
||||||
|
".bat",
|
||||||
|
".vbs",
|
||||||
|
".sh",
|
||||||
|
".py"
|
||||||
|
]
|
||||||
|
}
|
||||||
}`)
|
}`)
|
||||||
|
|
||||||
func createTemporaryConfig(t *testing.T) *os.File {
|
func createTemporaryConfig(t *testing.T) *os.File {
|
||||||
|
|
|
@ -109,6 +109,7 @@ func (as *Server) Users(w http.ResponseWriter, r *http.Request) {
|
||||||
Role: role,
|
Role: role,
|
||||||
RoleID: role.ID,
|
RoleID: role.ID,
|
||||||
PasswordChangeRequired: ur.PasswordChangeRequired,
|
PasswordChangeRequired: ur.PasswordChangeRequired,
|
||||||
|
AccountLocked: ur.AccountLocked,
|
||||||
}
|
}
|
||||||
err = models.PutUser(&user)
|
err = models.PutUser(&user)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -115,8 +115,8 @@ func (im *Monitor) Shutdown() error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// checkForNewEmails logs into an IMAP account and checks unread emails
|
// checkForNewEmails logs into an IMAP account and checks unread emails for the
|
||||||
// for the rid campaign identifier.
|
// rid campaign identifier.
|
||||||
func checkForNewEmails(im models.IMAP) {
|
func checkForNewEmails(im models.IMAP) {
|
||||||
im.Host = im.Host + ":" + strconv.Itoa(int(im.Port)) // Append port
|
im.Host = im.Host + ":" + strconv.Itoa(int(im.Port)) // Append port
|
||||||
mailServer := Mailbox{
|
mailServer := Mailbox{
|
||||||
|
|
|
@ -61,6 +61,21 @@ func (a *Attachment) ApplyTemplate(ptx PhishingTemplateContext) (io.Reader, erro
|
||||||
// "application/vnd.openxmlformats-officedocument.wordprocessingml.document"
|
// "application/vnd.openxmlformats-officedocument.wordprocessingml.document"
|
||||||
fileExtension := filepath.Ext(a.Name)
|
fileExtension := filepath.Ext(a.Name)
|
||||||
|
|
||||||
|
if array_contains(conf.Attachments.PlainTextFileList, fileExtension) {
|
||||||
|
b, err := ioutil.ReadAll(decodedAttachment)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
processedAttachment, err := ExecuteTemplate(string(b), ptx)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if processedAttachment == string(b) {
|
||||||
|
a.vanillaFile = true
|
||||||
|
}
|
||||||
|
return strings.NewReader(processedAttachment), nil
|
||||||
|
}
|
||||||
|
|
||||||
switch fileExtension {
|
switch fileExtension {
|
||||||
|
|
||||||
case ".docx", ".docm", ".pptx", ".xlsx", ".xlsm":
|
case ".docx", ".docm", ".pptx", ".xlsx", ".xlsm":
|
||||||
|
@ -136,21 +151,18 @@ func (a *Attachment) ApplyTemplate(ptx PhishingTemplateContext) (io.Reader, erro
|
||||||
zipWriter.Close()
|
zipWriter.Close()
|
||||||
return bytes.NewReader(newZipArchive.Bytes()), err
|
return bytes.NewReader(newZipArchive.Bytes()), err
|
||||||
|
|
||||||
case ".txt", ".html", ".ics":
|
|
||||||
b, err := ioutil.ReadAll(decodedAttachment)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
processedAttachment, err := ExecuteTemplate(string(b), ptx)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
if processedAttachment == string(b) {
|
|
||||||
a.vanillaFile = true
|
|
||||||
}
|
|
||||||
return strings.NewReader(processedAttachment), nil
|
|
||||||
default:
|
default:
|
||||||
return decodedAttachment, nil // Default is to simply return the file
|
return decodedAttachment, nil // Default is to simply return the file
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func array_contains(s []string, str string) bool {
|
||||||
|
for _, v := range s {
|
||||||
|
if v == str {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
|
@ -609,7 +609,7 @@ func PostCampaign(c *Campaign, uid int64) error {
|
||||||
return tx.Commit().Error
|
return tx.Commit().Error
|
||||||
}
|
}
|
||||||
|
|
||||||
//DeleteCampaign deletes the specified campaign
|
// DeleteCampaign deletes the specified campaign
|
||||||
func DeleteCampaign(id int64) error {
|
func DeleteCampaign(id int64) error {
|
||||||
log.WithFields(logrus.Fields{
|
log.WithFields(logrus.Fields{
|
||||||
"campaign_id": id,
|
"campaign_id": id,
|
||||||
|
|
Loading…
Reference in New Issue