-
Notifications
You must be signed in to change notification settings - Fork 0
/
gophish_setup.sh
185 lines (150 loc) · 4.44 KB
/
gophish_setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
#!/bin/bash
# This is a setup script for phishing VMs with Gophish on Ubuntu 20.04 in DigitalOcean. Not intended to work on other platforms, but it might!
# Evan Miller, 2/10/2022
# Exit on errors.
set -e
# variables
logdir="/var/log/gophish"
domnm="$1"
# first check if we are root.
if [[ $EUDI -ne 0 ]]; then
echo "This script must be run as root!"
exit 1
fi
#get domain name
if [ -z "$domnm" ]; then
echo "Enter domain name: "
read domnm
fi
echo "Proceeding with domain name: " ${domnm}
#Install unzip
if [ -f /usr/bin/unzip ]; then
echo "unzip already installed. Skipping."
else
/usr/bin/apt update
echo "Installing unzip"
apt -y install unzip
fi
# WGET
if [ -f /root/gophish.zip ]; then
echo "gophish zip already exists, not downloading."
else
echo "Downloading gophish zip v0.11.0"
wget -O gophish.zip "https://github.com/gophish/gophish/releases/download/v0.11.0/gophish-v0.11.0-linux-64bit.zip"
echo "Unzipping gophish"
unzip gophish.zip -d /opt/gophish
fi
# Modify config file.
echo "Setting up config file."
echo "" > /opt/gophish/config.json
cat <<EOF >> /opt/gophish/config.json
{
"admin_server": {
"listen_url": "0.0.0.0:3333",
"use_tls": true,
"cert_path": "cert.pem",
"key_path": "privkey.pem"
},
"phish_server": {
"listen_url": "0.0.0.0:443",
"use_tls": true,
"cert_path": "cert.pem",
"key_path": "privkey.pem"
},
"db_name": "sqlite3",
"db_path": "gophish.db",
"migrations_prefix": "db/db_",
"contact_address": "",
"logging": {
"filename": "${logdir}/gophish.log",
"level": ""
}
}
EOF
if df | grep -q certbot; then
echo "certbot appears to be installed. Skipping certbot install."
else
echo "Installing and refreshing snap core."
snap install core
snap refresh core
echo "Installing certbot"
snap install --classic certbot
fi
if [ -f /usr/bin/certbot ]; then
echo "certbot symlink already exists. Skilling creation."
else
echo "Creating link for certbot in /usr/bin"
ln -s /snap/bin/certbot /usr/bin/certbot
fi
if [ -f /etc/letsencrypt/live/${domnm}/cert.pem ]; then
echo "Cert already exists! If you wish to create new certs, you will need to remove the old ones first."
else
echo "Attempting to grab a cert for: " ${domnm}
certbot certonly --standalone --register-unsafely-without-email -d "${domnm}" --agree-tos
fi
echo "Setting up links for certs"
if [ -f /opt/gophish/cert.pem ]; then
echo "cert.pem exists - removing."
/usr/bin/rm /opt/gophish/cert.pem
fi
ln -L /etc/letsencrypt/live/${domnm}/cert.pem /opt/gophish/cert.pem
echo "Setting up links for certs"
if [ -f /opt/gophish/privkey.pem ]; then
echo "privkey.pem exists - removing."
/usr/bin/rm /opt/gophish/privkey.pem
fi
ln -L /etc/letsencrypt/live/${domnm}/privkey.pem /opt/gophish/privkey.pem
if id -u gophish; then
echo "Gophish user exists. Not creating a new user."
else
echo "Setting up gophish user"
/usr/sbin/adduser gophish --shell /usr/sbin/nologin --disabled-login --disabled-password --gecos ""
fi
if groups gophish | grep -q certs; then
echo "Gophish user already in certs group; skipping"
else
/usr/sbin/addgroup -system certs
/usr/sbin/adduser gophish certs
fi
echo "Setting file permissions"
/usr/bin/chgrp -R certs /etc/letsencrypt
/usr/bin/chmod -R g+rx /etc/letsencrypt
/usr/bin/chown -R gophish /opt/gophish
/usr/bin/chmod -R 744 /opt/gophish/gophish
echo "Setting up logging environment"
if [ -d "/var/log/gophish" ] ; then
echo "logdir exists."
else
/usr/bin/mkdir /var/log/gophish
/usr/bin/chown gophish /var/log/gophish
/usr/bin/chgrp gophish /var/log/gophish
fi
echo "Adding permission to use low ports"
setcap 'cap_net_bind_service=+eip' /opt/gophish/gophish
if [ -f /etc/systemd/system/gophish.service ]; then
echo "Servic exists. If you'd like a new one, you'll need to delete the old one."
else
echo "Creating gophish service file."
cat <<EOF >> /etc/systemd/system/gophish.service
[Unit]
Description=Gophish is an open-source phishing toolkit
After=network-online.target
[Service]
WorkingDirectory=/opt/gophish
User=gophish
ExecStart=/opt/gophish/gophish
[Install]
WantedBy=multi-user.target
Alias=gophish.service
EOF
fi
echo "Preparing and starting gophish service. Enjoy!"
if [ -f /etc/systemd/system/multi-user.target.wants/gophish.service ]; then
systemctl disable gophish
systemctl daemon-reload
systemctl enable gophish
else
systemctl start gophish
fi
cat /var/log/gophish/gophish.log | grep "Please login with the username admin and the password" | tail -n1 | rev | cut -d' ' -f1 | cut -d'"' -f2 | rev
exit 0