Welcome to the first in a series of posts diving into the functionality and usage of Gophish. This tool allows users to quickly deploy phishing engagements or user awareness training exercises. Recently, we performed a user awareness exercise in which the client wanted to track the number of employees who clicked on a phishing website link within an email. To gather this metric, we turned to Gophish. In this post, I'll be walking through a quick and easy configuration of Gophish.
What Is Gophish?
The Gophish starter guide defines it as,
‘a phishing framework that makes the simulation of real-world phishing attacks dead-simple. The idea behind Gophish is simple – make industry-grade phishing training available to everyone. “Available” in this case means two things:
- Affordable – Gophish is open-source software that is completely free for anyone to use.
- Accessible – Gophish is written in the Go programming language. This has the benefit that gophish releases are compiled binaries with no dependencies. In a nutshell, this makes installation as simple as “download and run”!’
How To Install Gophish
There are a couple of different ways that Gophish can be set up or installed, and Gophish does a wonderful job with its documentation. There are two options for installation: (1) build from source, or (2) use the pre-built binaries.
In this post, we will walk through the pre-built binaries. In my case, I will be downloading the Linux 64-bit version. There is a list of releases here where you can specify your operating system to download the correct version; here is the latest version (at the time of this blog). Be sure to periodically check for newer versions.
How To Use Gophish
Once the Gophish release file has been downloaded to the system, unzip the file to retrieve the contents.
Within the directory you will be presented with a “gophish” file. Be sure to apply the execute permissions to the file.
chmod +x gophish
Running the Gophish file with sudo rights will start the application.
Something to note – when starting the Gophish application the terminal screen will display some necessary information to be able to access the application. The first item will be the login information:
level=info msg="Please login with the username admin and the password <PASSWORD>"
The second item will be the URL to the administrative portal:
level=info msg="Starting admin server at https://127.0.0.1:3333"
With this information, you can log in to the Gophish interface.
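The two startup messages above can also be read programmatically. The following is an added example, not code from the original post or from the Gophish project: it extracts the admin URL and initial password from the startup output and checks that the admin portal is bound to a loopback address. The function names are hypothetical, and the sample lines are constructed from the two messages shown above, with a placeholder in place of the password.

```shell
#!/bin/sh
# Constructed sample: the two startup lines from the post; the password
# value is a placeholder, not a real credential.
SAMPLE_LOG='level=info msg="Please login with the username admin and the password EXAMPLE-NOT-A-REAL-PASSWORD"
level=info msg="Starting admin server at https://127.0.0.1:3333"'

# Read log lines on stdin; print the msg="..." payload of lines containing $1.
msg_matching() {
    sed -n 's/.*msg="\(.*\)"[[:space:]]*$/\1/p' | grep -F -- "$1" || true
}

# URL announced by "Starting admin server at <url>".
admin_url() {
    msg_matching 'Starting admin server at ' | sed 's/.* at //' | head -n 1
}

# Password announced by the "Please login ..." message.
initial_password() {
    msg_matching 'Please login with the username ' | sed 's/.* the password //' | head -n 1
}

# Return 0 only when the host part of the URL is a loopback address.
admin_is_loopback() {
    host=$(printf '%s\n' "$1" | sed -e 's|^[a-z]*://||' -e 's|/.*$||' -e 's|:[0-9]*$||')
    printf '%s\n' "$host" | grep -Eq '^(127(\.[0-9]{1,3}){3}|localhost|\[::1\])$'
}

# Summarise the startup output in $1 without echoing the password itself.
report() {
    url=$(printf '%s\n' "$1" | admin_url)
    pw=$(printf '%s\n' "$1" | initial_password)
    if [ -z "$url" ]; then
        echo "admin URL not found in startup output" >&2
        return 2
    fi
    echo "admin portal: $url"
    if [ -n "$pw" ]; then
        echo "initial password captured (${#pw} characters)"
    fi
    if admin_is_loopback "$url"; then
        echo "admin listener is loopback-only"
    else
        echo "WARNING: admin listener is not bound to loopback: $url" >&2
        return 1
    fi
}

report "$SAMPLE_LOG"
```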
How To Configure Gophish
In further blog posts, we will work on configuring Gophish to work with a specific domain and interact with an external mail server… stay tuned for part two!