forked from bigb0sss/gogophish
-
Notifications
You must be signed in to change notification settings - Fork 0
/
gogophish_v2.0.sh
354 lines (296 loc) · 11.6 KB
/
gogophish_v2.0.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
#!/usr/bin/env bash
# Version : 2.0
# Created date : 12/09/2019
# Last update : 09/27/2020
# Author : bigb0ss
# Description : Automated script to install gophish
# Note : 09/20/20 - gophish admin password is not longer static. Added function to grab the temporary password for the initial login. You will be prompted to change the password as you login
### Colors
red=`tput setaf 1`;
green=`tput setaf 2`;
yellow=`tput setaf 3`;
blue=`tput setaf 4`;
magenta=`tput setaf 5`;
cyan=`tput setaf 6`;
bold=`tput bold`;
clear=`tput sgr0`;
banner() {
cat <<EOF
${blue}${bold}
_ _ _
| | (_) | |
__ _ ___ __ _ ___ _ __ | |__ _ ___| |__
/ _\` |/ _ \ / _\` |/ _ \| '_ \| '_ \| / __| '_ \\
| (_| | (_) | (_| | (_) | |_) | | | | \__ \ | | |
\__, |\___/ \__, |\___/| .__/|_| |_|_|___/_| |_|
__/ | __/ | | | [bigb0ss]
|___/ |___/ |_|
/|
/ | /|
<=== |=== | --------------------------------v2.0
\ | \|
\|
${clear}
EOF
}
usage() {
local ec=0
if [ $# -ge 2 ] ; then
ec="$1" ; shift
printf "%s\n\n" "$*" >&2
fi
banner
cat <<EOF
A quick Bash script to install GoPhish server.
${bold}Usage: ${blue}./$(basename $0) [-r <rid name>] [-e] [-s] [-d <domain name> ] [-c] [-h]${clear}
One shot to set up:
- Gophish Server (Email Phishing Ver.)
- Gophish Server (SMS Phishing Ver.)
- SSL Cert for Phishing Domain (LetsEncrypt)
Options:
-e Setup Email Phishing Gophish Server
-s Setup SMS Phishing Gophish Server
-r <rid name> Configure custom "rid=" parameter for landing page (e.g., https://example.com?rid={{.RID}})
If not specified, the default value would be "secure_id="
-d <domain name> SSL cert for phishing domain
${red}[WARNING] Configure 'A' record before running the script${clear}
-c Cleanup for a fresh install
-h This help menu
Examples:
./$(basename $0) -e Setup Email Phishing Gophish
./$(basename $0) -s Setup SMS Phishing Gophish
./$(basename $0) -r <rid name> -e Setup Email Phishing Gophish + Your choice of rid
./$(basename $0) -r <rid name> -s Setup SMS Phishing Gophish + Your choice of rid
./$(basename $0) -d <domain name> Configure SSL cert for your phishing Domain
./$(basename $0) -e -d <domain name> Email Phishing Gophish + SSL cert for Phishing Domain
./$(basename $0) -r <rid name> -e -d <domain name> Email Phishing Gophish + SSL cert + rid
EOF
exit $ec
}
### Exit
exit_error() {
usage
exit 1
}
### Initial Update & Dependency Check
dependencyCheck() {
### Update Sources
echo "${blue}${bold}[*] Updating source lists...${clear}"
apt-get update -y >/dev/null 2>&1
unzip=$(which unzip)
if [[ $unzip ]];
then
echo "${green}${bold}[+] Unzip already installed${clear}"
else
echo "${blue}${bold}[*] Installing unzip...${clear}"
apt-get install unzip -y >/dev/null 2>&1
fi
gocheck=$(which go)
if [[ $gocheck ]];
then
echo "${green}${bold}[+] Golang already installed${clear}"
else
echo "${blue}${bold}[*] Installing Golang...${clear}"
apt-get install golang -y >/dev/null 2>&1
fi
gitcheck=$(which git)
if [[ $gitcheck ]];
then
echo "${green}${bold}[+] Git already installed${clear}"
else
echo "${blue}${bold}[*] Installing Git...${clear}"
apt-get install git -y >/dev/null 2>&1
fi
pipcheck=$(which pip) # Needed to install Twilio lib
if [[ $pipcheck ]];
then
echo "${green}${bold}[+] Pip already installed${clear}"
else
echo "${blue}${bold}[*] Installing pip...${clear}"
apt-get install python-pip -y >/dev/null 2>&1
fi
gcccheck=$(which gcc) # Needed to install Twilio lib
if [[ $gcccheck ]];
then
echo "${green}${bold}[+] Gcc already installed${clear}"
else
echo "${blue}${bold}[*] Installing gcc...${clear}"
apt-get install gcc -y >/dev/null 2>&1
fi
echo "${blue}${bold}[*] Installing libc-dev...${clear}"
apt-get install libc-dev -y >/dev/null 2>&1
}
### Setup Email Version Gophish
setupEmail() {
gogophish_dir=`pwd`
gophish_git_dir=$gogophish_dir/gophish
mkdir /go
mkdir /go-cache
export GOPATH=/go
export GOCACHE=/go-cache
### Cleaning Port 80
fuser -k -s -n tcp 80
### Deleting Previous Gophish Source (*Need to be removed to update new rid)
rm -rf $gophish_git_dir >/dev/null 2>&1
### Installing GoPhish
echo "${blue}${bold}[*] Downloading gophish (x64)...${clear}"
git clone https://github.com/mplattner/gophish >/dev/null 2>&1 &&
echo "${blue}${bold}[*] Creating a gophish folder: /opt/gophish${clear}"
mkdir -p /opt/gophish &&
if [ "$rid" != "" ]
then
echo "${blue}${bold}[*] Updating \"rid\" to \"$rid\"${clear}"
sed -i 's!rid!'$rid'!g' $gophish_git_dir/models/campaign.go
ridConfirm=$(cat $gophish_git_dir/models/campaign.go | grep $rid)
echo "${blue}${bold}[*] Confirmation: $ridConfirm (campaign.go)${clear}"
fi
cd $gophish_git_dir
go build &&
mv ./gophish /opt/gophish/gophish &&
cp -R $gophish_git_dir/* /opt/gophish &&
sed -i 's!127.0.0.1!0.0.0.0!g' /opt/gophish/config.json &&
echo "${blue}${bold}[*] Creating a gophish log folder: /var/log/gophish${clear}"
mkdir -p /var/log/gophish &&
### Start Script Setup
cd $gogophish_dir
cp gophish.service /etc/systemd/system/gophish.service &&
systemctl enable gophish &&
chmod -R 777 /opt/gophish/static/endpoint
}
setupSMS() {
### Cleaning Port 80
fuser -k -s -n tcp 80
### Deleting Previous Gophish Source (*Need to be removed to update new rid)
rm -rf $GOPATH/src/github.com/gophish >/dev/null 2>&1 &&
### Installing GoPhish v0.8.0
echo "${blue}${bold}[*] Downloading gophish (x64)...${clear}"
mkdir -p /root/go &&
export GOPATH=/root/go &&
go get github.com/mplattner/gophish >/dev/null 2>&1 &&
echo "${blue}${bold}[*] Creating a gophish folder: /opt/gophish${clear}"
mkdir -p /opt/gophish &&
if [ "$rid" != "" ]
then
echo "${blue}${bold}[*] Updating \"rid\" to \"$rid\"${clear}"
sed -i 's!rid!'$rid'!g' $GOPATH/src/github.com/mplattner/gophish/models/campaign.go
ridConfirm=$(cat $GOPATH/src/github.com/mplattner/gophish/models/campaign.go | grep $rid)
echo "${blue}${bold}[*] Confirmation: $ridConfirm (campaign.go)${clear}"
fi
go build $GOPATH/src/github.com/mplattner/gophish &&
mv ./gophish /opt/gophish/gophish &&
cp -R $GOPATH/src/github.com/mplattner/gophish/* /opt/gophish &&
sed -i 's!127.0.0.1!0.0.0.0!g' /opt/gophish/config.json &&
echo "${blue}${bold}[*] Creating a gophish log folder: /var/log/gophish${clear}"
mkdir -p /var/log/gophish &&
### Getting gosmish.py (Author: fals3s3t)
echo "${blue}${bold}[*] Pulling gosmish.py (Author: fals3s3t) to: /opt/gophish...${clear}"
wget https://raw.githubusercontent.com/fals3s3t/gosmish/master/gosmish.py -P /opt/gophish/gosmish.py 2>/dev/null &&
chmod +x /opt/gophish/gosmish.py
### Installing Twilio
echo "${blue}${bold}[*] Installing Twilio...${clear}"
pip install -q twilio >/dev/null 2>&1 &&
echo "${blue}${bold}[*] Installing and configuring Postfix for SMS SMTP blackhole...${clear}"
name=$(hostname)
echo "postfix postfix/mailname string sms.sms " | debconf-set-selections
echo "postfix postfix/main_mailer_type string 'Local Only'" | debconf-set-selections
apt-get -y install postfix >/dev/null 2>&1
apt-get -y install postfix-pcre >/dev/null 2>&1
sed -i "/myhostname/c\myhostname = $name" /etc/postfix/main.cf >/dev/null 2>&1 &&
echo 'virtual_alias_maps = pcre:/etc/postfix/virtual' >> /etc/postfix/main.cf
echo '/.*/ nonexist' > /etc/postfix/virtual
service postfix stop &&
service postfix start &&
### Start Script Setup
cp gophish_start /etc/init.d/gophish &&
chmod +x /etc/init.d/gophish &&
update-rc.d gophish defaults
}
### Setup SSL Cert
letsEncrypt() {
### Clearning Port 80
fuser -k -s -n tcp 80
systemctl stop gophish 2>/dev/null
### Installing certbot-auto
echo "${blue}${bold}[*] Installing certbot...${clear}"
#wget https://dl.eff.org/certbot-auto -qq
#chmod a+x certbot-auto
apt-get install certbot -y >/dev/null 2>&1
### Installing SSL Cert
echo "${blue}${bold}[*] Installing SSL Cert for $domain...${clear}"
### Manual
#./certbot-auto certonly -d $domain --manual --preferred-challenges dns -m [email protected] --agree-tos &&
### Auto
certbot certonly --non-interactive --agree-tos --email [email protected] --standalone --preferred-challenges http -d $domain &&
echo "${blue}${bold}[*] Configuring New SSL cert for $domain...${clear}" &&
cp /etc/letsencrypt/live/$domain/privkey.pem /opt/gophish/domain.key &&
cp /etc/letsencrypt/live/$domain/fullchain.pem /opt/gophish/domain.crt &&
sed -i 's!false!true!g' /opt/gophish/config.json &&
sed -i 's!:80!:443!g' /opt/gophish/config.json &&
sed -i 's!example.crt!domain.crt!g' /opt/gophish/config.json &&
sed -i 's!example.key!domain.key!g' /opt/gophish/config.json &&
sed -i 's!gophish_admin.crt!domain.crt!g' /opt/gophish/config.json &&
sed -i 's!gophish_admin.key!domain.key!g' /opt/gophish/config.json &&
mkdir -p /opt/gophish/static/endpoint &&
printf "User-agent: *\nDisallow: /" > /opt/gophish/static/endpoint/robots.txt &&
echo "${green}${bold}[+] Check if the cert is correctly installed: https://$domain/robots.txt${clear}"
}
gophishStart() {
service=$(ls /etc/systemd/system/gophish.service 2>/dev/null)
if [[ $service ]];
then
sleep 1
systemctl restart gophish &&
#ipAddr=$(ip -4 addr show | grep -oP '(?<=inet\s)\d+(\.\d+){3}' | grep -v 127.0.0.1)
ipAddr=$(curl ifconfig.io 2>/dev/null)
pass=$(cat /var/log/gophish/gophish.error | grep 'Please login with' | cut -d '"' -f 4 | cut -d ' ' -f 10 | tail -n 1)
echo "${green}${bold}[+] Gophish Started: https://$ipAddr:3333 - [Login] Username: admin, Temporary Password: $pass${clear}"
else
exit 1
fi
}
cleanUp() {
echo "${green}${bold}Cleaning...1...2...3...${clear}"
systemctl stop gophish 2>/dev/null
rm -rf /root/go/src/github.com/gophish 2>/dev/null
rm certbot-auto* 2>/dev/null
rm -rf /opt/gophish 2>/dev/null
rm /etc/init.d/gophish 2>/dev/null
rm /etc/letsencrypt/keys/* 2>/dev/null
rm /etc/letsencrypt/csr/* 2>/dev/null
rm -rf /etc/letsencrypt/archive/* 2>/dev/null
rm -rf /etc/letsencrypt/live/* 2>/dev/null
rm -rf /etc/letsencrypt/renewal/* 2>/dev/null
echo "${green}${bold}[+] Done!${clear}"
}
domain=''
rid=''
while getopts ":r:esd:ch" opt; do
case "${opt}" in
r)
rid=$OPTARG ;;
e)
banner
dependencyCheck
setupEmail ;;
s)
banner
dependencyCheck
setupSMS
gophishStart ;;
d)
domain=${OPTARG}
letsEncrypt &&
gophishStart ;;
c)
cleanUp ;;
h | * )
exit_error ;;
:)
echo "${red}${bold}[-] Error: -${OPTARG} requires an argument (e.g., -r page_id or -d gogophish.com)${clear}" 1>&2
exit 1;;
esac
done
if [[ $# -eq 0 ]];
then
exit_error
fi