[WIP] Phishing Campaign with GoPhish

Objective

Quick reference document on how spin a GoPhish server with a reverse proxy handling getting the certificate.

Configuration

Download the latest binary at https://github.com/gophish/gophish/releases

Configuration that I used for my last campaign

json

# /srv/config.json
{
        "admin_server": {
                "listen_url": "127.0.0.1:3333",
                "use_tls": true,
                "cert_path": "gophish_admin.crt",
                "key_path": "gophish_admin.key",
                "trusted_origins": []
        },
        "phish_server": {
                "listen_url": "localhost:8000",
                "use_tls": false,
                "cert_path": "example.crt",
                "key_path": "example.key"
        },
        "db_name": "sqlite3",
        "db_path": "gophish.db",
        "migrations_prefix": "db/db_",
        "contact_address": "",
        "logging": {
                "filename": "",
                "level": ""
        }
}

Create the Systemd service

bash

$ systemctl edit --force --full gophish

ini

# /etc/systemd/system/gophish.service
[Unit]
Name=gophish

[Service]
Type=Simple
ExecStart=/srv/gophish
WorkingDirectory=/srv/

I used Caddy as a reverse proxy. Caddy also fetched a TLS certificate from Let's Encrypt automatically.

nginx

# /etc/caddy/Caddyfile
:80 {
	respond 418
}

# HTTP to HTTPS redirect
http://<fqdn> {
        redir https://<fqdn>
}

https://<fqdn> {
        # $ caddy hash-password
    	# phish:Passw0rd!
        #basicauth {
        #       phish $2a$14$dNgUtsrrgtMFq18WGMxL3eySH9EZSHo95M4rZCNkWcg3SEebtGvh2
        #}
        reverse_proxy {
                to localhost:8000
        }
}

Evilgophish!

https://github.com/kgretzky/gophish/

https://github.com/kgretzky/evilginx2

[WIP] Phishing Campaign with GoPhish ​

Objective ​

Configuration ​

Evilgophish! ​

[WIP] Phishing Campaign with GoPhish

Objective

Configuration

Evilgophish!