Mirrors/gophish
2
0
Fork 0
mirror of https://github.com/gophish/gophish synced 2024-11-12 23:37:11 +00:00
Code Issues Projects Releases Packages Wiki Activity
815 commits 25 branches 17 tags 118 MiB
Commit graph

815 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jordan Wright
9561846979
Update workflow actions and Go versions (#3245) 
This PR:

* Updates the versions of various actions used by the CI and release workflows
* Updates the release workflow to use Go version 1.22
* Updates the test matrix to use Go versions 1.21, 1.22, and 1.23

It also updates the CI workflow to run when pull requests are created or changed. This will help give feedback when formatting or tests are broken during a PR.

As a good example of why this is useful, you'll see that I needed to run `gofmt` to get this to pass! We should have caught that earlier and now we'll catch it moving forward.
 2024-09-22 23:24:43 -05:00
Caetan
908886f2cd
Enforce account locks when creating new users (#3173) 
Properly enforce account locks when new users are created

---------

Co-authored-by: Caetan Tojeiro Carpente <caetan.tojeiro@tier8.com>
 2024-09-22 22:53:08 -05:00
Glenn Wilkinson
8e79294413 Added error handling to in-app reporting mechanism 2023-09-15 15:45:30 +01:00
RS
ac9e6a7190
Add DB_NAME to run.sh to support mysql (#2850) 
Adding environment variable DB_NAME to run.sh so that Gophish Container can be set up with mysql/mariadb.

db_name has to be changed in config to mysql for mysql connection to work.
 2023-08-22 21:03:39 -05:00
Philipp
04f0fb6dfd
Install ca-certificates on Docker image (#2888) 
The ca-certificates package is necessary for Gophish to connect to webhooks using HTTPS.
 2023-08-22 20:50:03 -05:00
Glenn Wilkinson
d2efb18ef1
Updated regex pattern to allow longer TLDs 2022-12-16 17:04:55 +00:00
tcastron
2d08befb6b
Modified "SMTP From" field to avoid SMTP server errors with RFC 5321 (#2669) 
Co-authored-by: Thomas Castronovo <thocastronovo@cic.be>
 2022-11-29 16:41:10 +00:00
Vivek Kekuda
cec2da5128
Fix new records being added on completing a campaign (#2599) 
There were new records with name '[Deleted]' being added when a campaign was
completed. This used to happen when the resource associated with a campaign
(template, page, profile) was deleted before marking the campaign as
completed. The save gorm call used to upsert these values and ended up adding
rogue records.
 2022-10-13 16:16:37 +01:00
Glenn Wilkinson
095a9ba20c Updated README.md with working source installation instructions (see https://github.com/golang/go/issues/48332) 2022-09-29 13:21:31 +01:00
Glenn Wilkinson
b1648f0759 Bumped version to 0.12.1 2022-09-14 11:30:00 +01:00
Glenn Wilkinson
06e95c1fb8 Minified campaigns.js #2482 2022-09-14 11:29:18 +01:00
Vivek Kekuda
53537a221a
Fix resource selection during campaign copy (#2482) 
Clear the selection of resource (template, page, profile) whenever the original
resource is deleted and there is only one currently available resource present
in the DB while copying a campaign. Without this fix, the only available
resource is shown as the original resource, instead of showing [Deleted].
 2022-09-14 12:26:29 +02:00
Glenn Wilkinson
2b85a2bda5 Updated release workflow to mitigate set-env vulnerability and fix Windows build 2022-09-14 11:06:03 +01:00
Glenn Wilkinson
a53665b1b6 Updated formatting and CI to be in line with more recent versions of go 2022-09-12 22:05:34 +01:00
Mark Cabanero
78e9a51168
Add Trusted Origins to CSRF Handler (#2301) 
Enables the user to add addresses that they expect incoming connections
to come from. Helpful in cases where TLS termination is handled by a
load balancer upstream, rather than the application itself.
 2022-09-06 16:20:19 +02:00
Glenn Wilkinson
3863ad31b9 Fixed issue with sorting by login date of users 2022-08-26 23:09:14 +02:00
Glenn Wilkinson
34f7457294
Update README.md 
Updated installation command
 2022-08-25 15:28:54 +02:00
Glenn Wilkinson
32c0502999 Minified missing sending_profile file (741201b) 2022-08-24 18:00:00 +02:00
Glenn Wilkinson
6b61426aab Bumped version to 0.12.0 2022-08-12 21:31:43 +02:00
Glenn Wilkinson
90cd444dcb Minified template.js resolving #2545 2022-08-09 15:24:29 +01:00
Glenn Wilkinson
5ef2d75e72 Fixed Account Locked bug, allowing user accounts to be locked 2022-06-11 11:25:56 +01:00
Glenn Wilkinson
6fb77bf3ce Fixed formatting from Custom Envelope PR #2334 2022-06-05 21:18:32 +01:00
Glenn Wilkinson
d0ff3829e5 Disallow deleting of admin user from the UI (#2487) 2022-06-01 17:01:55 +01:00
Glenn Wilkinson
0c255bbe92 Disallow changing of admin username from the UI (#2487) 2022-06-01 16:40:04 +01:00
Bálint József Jánvári
b7c69662ce
Embed or attach files based on their file extension (#1525) 
Embed or attach files based on their file extension:
 * Set 'Content-Disposition: inline' for images
 * Set 'Content-Disposition: attachment' for other files
 2022-06-01 17:14:22 +02:00
Jake Walker
704e6d56b3
Fix modal titles saying new when editing existing content (#2318) 2022-04-15 16:28:19 +02:00
ptitdoc
bb516ef7ab
986 custom envelope sender remerge (#2334) 
* Adds the ability to specify an envelope sender in templates (#986)

Authored-by: ChessSpider <ChessSpider@users.noreply.github.com>
Authored-by: Olivier MEDOC <o_medoc@yahoo.fr>
Authored-by: ptitdoc <ptitdoc@free.fr>
 2022-03-25 16:24:49 +01:00
dependabot[bot]
e0acb99734
Bump minimist from 1.2.0 to 1.2.5 (#2401) 
Bumps [minimist](https://github.com/substack/minimist) from 1.2.0 to 1.2.5.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.0...1.2.5)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-25 13:10:19 +01:00
dependabot[bot]
eb016a437c
Bump copy-props from 2.0.4 to 2.0.5 (#2399) 
Bumps [copy-props](https://github.com/gulpjs/copy-props) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/gulpjs/copy-props/releases)
- [Changelog](https://github.com/gulpjs/copy-props/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gulpjs/copy-props/compare/2.0.4...2.0.5)

---
updated-dependencies:
- dependency-name: copy-props
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-17 15:03:51 +01:00
Kirill
67e304f372
Fix open redirect vulnerability on the login page (#2262) 2022-02-16 17:26:51 +01:00
dependabot[bot]
e215132bdf
Bump ajv from 6.10.0 to 6.12.6 (#2395) 
Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.10.0 to 6.12.6.
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](https://github.com/ajv-validator/ajv/compare/v6.10.0...v6.12.6)

---
updated-dependencies:
- dependency-name: ajv
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-16 16:46:30 +01:00
Glenn Wilkinson
741201b7f0 Added JS for Fix sending profile form (#2389) 2022-02-16 15:30:38 +00:00
Mark Steward
1f95efcb7b
Fix sending profile form (#2389) 
Credentials no longer suggested in the Search box in 'Sending Profiles'
 2022-02-07 17:12:55 +01:00
Glenn Wilkinson
a6627dfc6b
Added support for templating attachments (#1936) 
The following attachment types support template variables: docx, docm, pptx, xlsx, xlsm, txt, html, ics.
 2022-02-02 15:41:27 +01:00
Bilal Retiat
0646f14c99
Updated the Ansible Playbook (#2138) 
* Update Ansible role
* lint Ansible role
* Update Ansible Playbook README
* use python3 packages instead python2
 2021-12-23 19:13:43 +01:00
Glenn Wilkinson
ceab0509eb
Merge pull request #2296 from gophish/dependabot/npm_and_yarn/tar-4.4.19 
Bump tar from 4.4.8 to 4.4.19
 2021-12-18 09:49:34 +01:00
Glenn Wilkinson
202ecd3397
Merge pull request #2277 from gophish/dependabot/npm_and_yarn/path-parse-1.0.7 
Bump path-parse from 1.0.6 to 1.0.7
 2021-12-18 09:49:20 +01:00
Glenn Wilkinson
4b106b3fe2
Merge pull request #2211 from gophish/dependabot/npm_and_yarn/browserslist-4.16.6 
Bump browserslist from 4.6.1 to 4.16.6
 2021-12-18 09:49:11 +01:00
Glenn Wilkinson
1d18ea7e01
Merge pull request #2196 from gophish/dependabot/npm_and_yarn/hosted-git-info-2.8.9 
Bump hosted-git-info from 2.7.1 to 2.8.9
 2021-12-18 09:48:50 +01:00
Glenn Wilkinson
b3f0bad5ce
Merge pull request #2195 from gophish/dependabot/npm_and_yarn/lodash-4.17.21 
Bump lodash from 4.17.19 to 4.17.21
 2021-12-18 09:48:41 +01:00
Glenn Wilkinson
12ecfd84cc
Merge pull request #2182 from gophish/dependabot/npm_and_yarn/ssri-6.0.2 
Bump ssri from 6.0.1 to 6.0.2
 2021-12-18 09:48:33 +01:00
Glenn Wilkinson
4814620cdc
Merge pull request #2157 from gophish/dependabot/npm_and_yarn/y18n-3.2.2 
Bump y18n from 3.2.1 to 3.2.2
 2021-12-18 09:48:00 +01:00
dependabot[bot]
003d143641
Bump tar from 4.4.8 to 4.4.19 
Bumps [tar](https://github.com/npm/node-tar) from 4.4.8 to 4.4.19.
- [Release notes](https://github.com/npm/node-tar/releases)
- [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/npm/node-tar/compare/v4.4.8...v4.4.19)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-01 04:00:10 +00:00
dependabot[bot]
f89c85f558
Bump path-parse from 1.0.6 to 1.0.7 
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-10 23:42:11 +00:00
dependabot[bot]
5aa3a858cb
Bump browserslist from 4.6.1 to 4.16.6 
Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.6.1 to 4.16.6.
- [Release notes](https://github.com/browserslist/browserslist/releases)
- [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md)
- [Commits](https://github.com/browserslist/browserslist/compare/4.6.1...4.16.6)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-05-25 07:33:27 +00:00
dependabot[bot]
82fd6adf68
Bump hosted-git-info from 2.7.1 to 2.8.9 
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.7.1 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.9)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-05-10 07:08:01 +00:00
dependabot[bot]
5fc6ba6bef
Bump lodash from 4.17.19 to 4.17.21 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.19...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-05-08 15:03:26 +00:00
dependabot[bot]
a5b3b134ba
Bump ssri from 6.0.1 to 6.0.2 
Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/npm/ssri/releases)
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md)
- [Commits](https://github.com/npm/ssri/compare/v6.0.1...v6.0.2)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-04-29 18:52:25 +00:00
dependabot[bot]
f722065018
Bump y18n from 3.2.1 to 3.2.2 
Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-30 15:39:51 +00:00
dependabot[bot]
db63ee978d
Bump yargs-parser from 5.0.0 to 5.0.1 (#2151) 2021-03-28 15:40:31 -05:00