In previous post I have showed you capabilities of GoPhish software after installation. Today will show you how to install and configure it under Linux.
In my environment I used VPS bought on OVH for 20 PLN, what is about 4 EUR. Configuration of that VPS is 1 core, 2 GB RAM and 20 GB of storage. As a system I used Debian 11. In addition I bought also domain. For that domain I generated free 3-months SSL certificate on ZEROSSL.com. In this post on that blog you can find tutorial how to get that certificate.
Kroki instalacji
Go installation
Because GoPhish has been written in GO language, first we have to install it on server. At the beginning we need to install curl, to be able to download newest release of GoPhish.
1 |
sudo apt install curl |
Next , on Go language website we need to check what is the newest version. According to that command could be different.
1 |
curl -O https://dl.google.com/go/go1.19.2.linux-amd64.tar.gz |
The next step will be decompression of files and granting proper permissions.
1 2 3 |
tar xvf go1.19.2.linux-amd64.tar.gz sudo chown -R root:root ./go sudo mv go /usr/local |
GoPhish installation
GoPhish can be downloaded from github. To do it you need to install git package and then download gophish files.
1 |
sudo apt-get install git |
1 |
wget https://github.com/gophish/gophish/releases/download/v0.12.1/gophish-v0.12.1-linux-64bit.zip |
Files are zipped in a *.zip format. If we dont have unzip installed, need to proceed it..
1 |
sudo apt install unzip |
And then unpack it.
1 |
unzip gophish-v0.12.1-linux-64bit.zip |
Sendmail installation
Before we go to GoPhish configuration, let’s install sendmail packet, which will be used to mail sending.
1 |
sudo apt-get install sendmail |
After installation we have to configure it. We need to configure SMTP protocol. Inside /etc/mail create new folder and grant permissions.
1 2 3 4 5 6 |
sudo mkdir /etc/mail/auth sudo chmod -R 700 /etc/mail/auth cd /etc/mail/auth sudo nano gmail-auth |
In file gmail-auth put logon data to email account. If you are using gmail you need to create application password. For Google you will find tutorial here. In Gmail, to be able to create application password you need before enable MFA. When you have already password generated put in in opened file. Format of tat file looks like that.
1 |
AuthInfo: "U:root" "I:email-address@gmail.com" "P:password" |
Save the file and need to prepare hash database map.
1 |
sudo makemap hash gmail-auth < gmail-auth |
Now we need to edit /etc/mail/sendmail.mc. At the end replace the section MAILER_DEFINITIONS for that below. If you are using different mail provider, you need to use another SMART_HOST address.
1 2 3 4 5 6 7 8 9 10 11 |
MAILER_DEFINITIONS #define(`SMART_HOST',`[smtp.office365.com]')dnl define(`SMART_HOST',`[smtp.gmail.com]')dnl define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl define(`confAUTH_OPTIONS', `A p')dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl FEATURE(`authinfo',`hash /etc/mail/auth/gmail-auth.db')dnl MAILER(`local')dnl MAILER(`smtp')dnl |
Last step is rebuild configuration and restart of sendmail.
1 2 3 4 |
cd /etc/mail make sudo /etc/init.d/sendmail restart |
Now we can send test mail.
1 |
echo "TEST MAIL" | /usr/sbin/sendmail -v myemail@address |
In case of error: 554 5.2.252 SendAsDenied; mail@domena.com not allowed to send as root@vps…
you need to put in the command from parameter.
1 |
echo "TEST MAIL" | /usr/sbin/sendmail -f "sender@domena.com" -v receiver@address.com |
GoPhish configuration
After we have configured all tools used by GoPhish, we need to configure GoPhish itself.
This config is simple, need to edit file config.json, which is located in main folder in the downloaded package. My config looks like that.
Explaination of options possible to be configured you can find in the documentation under link. I will put here fragment of doc with information of visible parameters.
After saving configuration file you can run gophish by using command:
1 |
./gophish |
After first run, on the console you will se admin password which has to be changed after first login.
Below you can find links to GitHub when there is a lot of mails and landing pages html codes: