### Install Gophish from Source Source: https://docs.getgophish.com/user-guide/installation Commands to download and build the Gophish binary using the Go toolchain. ```bash go get github.com/gophish/gophish ``` ```bash go build ``` -------------------------------- ### Plain Text Template Variable Example Source: https://docs.getgophish.com/user-guide/documentation/attachments Demonstrates the use of Gophish template variables within a plain text file. ```text Hello {{.FirstName}}, This is a plain text file that was sent to {{.Email}}. If you could be so kind as to copy and paste this URL into your browser: {{.URL}} ``` -------------------------------- ### Run Gophish Executable Source: https://docs.getgophish.com/user-guide/installation Navigate to the directory containing the Gophish binary and execute it to start the application. This will display informational output including server addresses, ports, and login credentials. ```bash gophish@gophish.dev:~/src/github.com/gophish/gophish$ ./gophish ``` ```log time="2020-06-30T08:04:33-05:00" level=warning msg="No contact address has been configured." time="2020-06-30T08:04:33-05:00" level=warning msg="Please consider adding a contact_address entry in your config.json" time="2020-06-30T08:04:33-05:00" level=info msg="Please login with the username admin and the password 1178f855283d03d3" time="2020-06-30T08:04:33-05:00" level=info msg="Starting phishing server at http://0.0.0.0:80" time="2020-06-30T08:04:33-05:00" level=info msg="Starting IMAP monitor manager" time="2020-06-30T08:04:33-05:00" level=info msg="Starting admin server at https://127.0.0.1:3333" time="2020-06-30T08:04:33-05:00" level=info msg="Background Worker Started Successfully - Waiting for Campaigns" time="2020-06-30T08:04:33-05:00" level=info msg="Starting new IMAP monitor for user admin" ``` -------------------------------- ### Example Webhook Signature Header Source: https://docs.getgophish.com/user-guide/documentation/webhooks This is an example of the X-Gophish-Signature header sent with webhook requests. It uses the HMAC-SHA256 algorithm. ```http POST /webhook HTTP/1.1 Host: localhost:9999 Accept-Encoding: gzip Content-Length: 226 Content-Type: application/json User-Agent: Go-http-client/1.1 X-Gophish-Signature: sha256=2be52d4b83eb7f19b0ecc75ebd6441cefea5512443eb18d38a8beb2e7584a66c ``` -------------------------------- ### Calendar Invitation Template Variable Example Source: https://docs.getgophish.com/user-guide/documentation/attachments Demonstrates the use of Gophish template variables within an .ics calendar file. ```text BEGIN:VCALENDAR DTSTAMP:20210306T182251Z DTSTART;TZID=Europe/London:20210306T183000 DTEND;TZID=Europe/London:20210306T190000 SUMMARY:Gophish Test Calendar TZID:Europe/London DESCRIPTION:Glenn is inviting you to a Zoom meeting. n\nJoin Zoom Meeting\n{{.URL}} LOCATION:{{.URL}} END:VCALENDAR ``` -------------------------------- ### Run GoPhish Binary and View Logs Source: https://docs.getgophish.com/user-guide/getting-started Execute the GoPhish binary in your command shell. The output will display server startup information, database creation details, and temporary admin credentials for versions after v0.10.1. Ensure you have the necessary permissions if binding to privileged ports like TCP 80. ```bash gophish@gophish.dev:~/src/github.com/gophish/gophish$ ./gophish time="2020-06-30T08:04:33-05:00" level=warning msg="No contact address has been configured." time="2020-06-30T08:04:33-05:00" level=warning msg="Please consider adding a contact_address entry in your config.json" time="2020-06-30T08:04:33-05:00" level=info msg="Please login with the username admin and the password 1178f855283d03d3" time="2020-06-30T08:04:33-05:00" level=info msg="Starting phishing server at http://0.0.0.0:80" time="2020-06-30T08:04:33-05:00" level=info msg="Starting IMAP monitor manager" time="2020-06-30T08:04:33-05:00" level=info msg="Starting admin server at https://127.0.0.1:3333" time="2020-06-30T08:04:33-05:00" level=info msg="Background Worker Started Successfully - Waiting for Campaigns" time="2020-06-30T08:04:33-05:00" level=info msg="Starting new IMAP monitor for user admin" ``` -------------------------------- ### Create Gophish Database in MySQL Source: https://docs.getgophish.com/user-guide/installation Execute this SQL command to create the `gophish` database with the correct character set and collation, which is necessary for Gophish to function correctly. ```sql CREATE DATABASE gophish CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; ``` -------------------------------- ### Configure Admin Server for TLS Source: https://docs.getgophish.com/user-guide/installation JSON configuration snippet to enable TLS and specify certificate paths in config.json. ```json "admin_server" : { "listen_url" : "127.0.0.1:3333", "use_tls" : true, "cert_path" : "gophish.crt", "key_path" : "gophish.key" } ``` -------------------------------- ### Configure MySQL for Gophish Source: https://docs.getgophish.com/user-guide/installation Add these lines to `/etc/mysql/mysql.cnf` to set the `sql_mode` for MySQL versions 5.7 and above, ensuring compatibility with Gophish's datetime format. ```ini [mysqld] sql_mode=ONLY_FULL_GROUP_BY,STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION ``` -------------------------------- ### Template Variables Reference Source: https://docs.getgophish.com/user-guide/template-reference List of available variables for Gophish templates and landing pages. ```APIDOC ## Template Variables ### Description Variables available for use in templates and landing pages. Note that these variables are case-sensitive. ### Variables - **{{.RId}}** - The target's unique ID - **{{.FirstName}}** - The target's first name - **{{.LastName}}** - The target's last name - **{{.Position}}** - The target's position - **{{.Email}}** - The target's email address - **{{.From}}** - The spoofed sender - **{{.TrackingURL}}** - The URL to the tracking handler - **{{.Tracker}}** - An alias for - **{{.URL}}** - The phishing URL - **{{.BaseURL}}** - The base URL with the path and rid parameter stripped. Useful for making links to static files. ``` -------------------------------- ### Redirect logs via shell Source: https://docs.getgophish.com/user-guide/documentation/logging Use standard shell redirection to capture logs to a file for Gophish versions prior to 0.8.0. ```bash $ ./gophish > gophish.log 2>&1 ``` -------------------------------- ### Configure Database Connection in config.json Source: https://docs.getgophish.com/user-guide/installation Update the `db_name` and `db_path` entries in `config.json` to match your MySQL deployment. The `db_path` format is `username:password@(host:port)/database?charset=utf8&parseTime=True&loc=UTC`. ```json "db_name" : "mysql", "db_path" : "root:@(:3306)/gophish?charset=utf8&parseTime=True&loc=UTC", ``` -------------------------------- ### Configure logging in config.json Source: https://docs.getgophish.com/user-guide/documentation/logging Specify a log filename directly in the Gophish configuration file for versions 0.8.0 and later. ```json "logging": { "filename": "gophish.log" } ``` -------------------------------- ### Secure Configuration File Source: https://docs.getgophish.com/user-guide/installation Command to restrict file permissions for the configuration file on Linux systems. ```bash chmod 640 config.json ``` -------------------------------- ### Generate Self-Signed SSL Certificate Source: https://docs.getgophish.com/user-guide/installation OpenSSL command to create a new RSA private key and a self-signed X.509 certificate. ```bash openssl req -newkey rsa:2048 -nodes -keyout gophish.key -x509 -days 365 -out gophish.crt ``` -------------------------------- ### Tracking Office Document Opens with Linked Image Source: https://docs.getgophish.com/user-guide/documentation/attachments Embed `{{.TrackingURL}}` as a linked image in an Office document. When the document is opened, the image will be loaded, triggering a request to the GoPhish server and marking the document as opened. Ensure the Tracking URL is not included in the email body. ```text INCLUDEPICTURE "{{.TrackingURL}}" \d ``` -------------------------------- ### Define HTML Form for Data Capture Source: https://docs.getgophish.com/user-guide/faq Minimal HTML form structure required for Gophish to capture submitted input data. ```markup
``` -------------------------------- ### CSV Format for Importing Users Source: https://docs.getgophish.com/user-guide/building-your-first-campaign/importing-groups This is the expected CSV format for importing users into GoPhish. Ensure your CSV file includes these header values: First Name, Last Name, Email, and Position. ```csv First Name,Last Name,Position,Email Richard,Bourne,CEO,rbourne@morningcatch.ph Boyd,Jenius,Systems Administrator,bjenius@morningcatch.ph Haiti,Moreo,Sales & Marketing,hmoreo@morningcatch.ph ``` -------------------------------- ### Email Template Body Content Source: https://docs.getgophish.com/user-guide/building-your-first-campaign/creating-the-template A sample email body using template variables for personalization and a placeholder for the phishing link. ```text {{.FirstName}}, The password for {{.Email}} has expired. Please reset your password here. Thanks, Morning Catch IT Team ``` -------------------------------- ### Gophish Webhook Event Details for Clicks/Submissions Source: https://docs.getgophish.com/user-guide/documentation/webhooks This JSON structure represents the 'details' field for 'Email Opened', 'Clicked Link', and 'Submitted Data' events. It contains payload information including the recipient's IP address and user-agent. ```json "payload": { "rid": "1234567", "browser": { "address": "127.0.0.1", "user-agent": "Mozilla/5.0 (Macintosh; PPC Mac OS X 10_10_4; rv:1.9.3.20) Gecko/2017-08-09 20:28:42 Firefox/3.8", }, "foo": ["bar"] } ``` -------------------------------- ### Gophish Webhook Event Format Source: https://docs.getgophish.com/user-guide/documentation/webhooks This is the standard JSON format for events sent by Gophish webhooks. It includes email, timestamp, message type, and optional details. ```json { "email": "foo.bar@example.com", "time": "2020-01-20T17:33:55.553906Z", "message": "Email Opened", "details": "" } ``` -------------------------------- ### Email Template Subject Line Source: https://docs.getgophish.com/user-guide/building-your-first-campaign/creating-the-template Use the {{.Email}} template variable to dynamically insert the target's email address into the subject line. ```text Password Reset for {{.Email}} ``` -------------------------------- ### Tracking Macro Execution in Word Documents Source: https://docs.getgophish.com/user-guide/documentation/attachments This VBA macro code tracks macro execution in Word documents. It searches for a textbox named 'urlbox', retrieves its content as a URL, and then opens that URL. This requires the user to enable macros. ```vba Sub urlfetch() Dim shp As Shape For Each shp In ActiveDocument.Shapes If shp.Name = "urlbox" Then URL = shp.TextFrame.TextRange.Text ActiveDocument.FollowHyperlink Address:=URL End If Next End Sub Public Sub AutoOpen() urlfetch End Sub ``` -------------------------------- ### Tracking Macro Execution in Excel Workbooks Source: https://docs.getgophish.com/user-guide/documentation/attachments This VBA macro code tracks macro execution in Excel workbooks. It searches for a textbox named 'urlbox', retrieves its content as a URL, and then opens that URL. This requires the user to enable macros. ```vba Sub urlfetch() For Each shp In ActiveSheet.Shapes If shp.Name = "urlbox" Then Url = shp.TextFrame2.TextRange.Text FollowHyperlink (Url) End If Next End Sub Public Sub Workbook_Open() urlfetch End Sub ``` -------------------------------- ### Identify TLS Handshake Error Source: https://docs.getgophish.com/user-guide/faq Log message indicating an attempt to access the admin dashboard via HTTP instead of HTTPS. ```text 2018/11/15 21:42:22 http: TLS handshake error from 127.0.0.1:51419: tls: first record does not look like a TLS handshake ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.