Gophish MODs
Modify Gophish to Bypass Detection
Was recently working on a Phishing Engagement. I always modified Gophish manually to evade detection. This time I thought of the principle, "Don't Do Anything Twice: When it Makes Sense to Automate" . Before I started manually typing scripts I searched for gold (basically if someone else tried to do it). I found this amazing docker-compose file which does all of the things which I wanted to do.
So I'm stealing work? Probably yeah !! I dont want docker so I'll probably just extract useful content from the docker-container file and run it on my gophish server πŸ€·β€β™‚οΈ
#clone gophish
git clone
#Get a Custom 404 Page
wget "" -O "404.html"
#Get a Custom Phish.go
wget "" -O "phish.go"
#copy Custom Phish.go
rm gophish/controllers/phish.go
mv phish.go gophish/controllers/phish.go
#Copy new 404.html
mv 404.html gophish/templates/404.html
cd gophish
sed -i 's/X-Gophish-Contact/X-Contact/g' models/email_request_test.go
sed -i 's/X-Gophish-Contact/X-Contact/g' models/maillog.go
sed -i 's/X-Gophish-Contact/X-Contact/g' models/maillog_test.go
sed -i 's/X-Gophish-Contact/X-Contact/g' models/email_request.go
# Stripping X-Gophish-Signature
sed -i 's/X-Gophish-Signature/X-Signature/g' webhook/webhook.go
# Changing servername
sed -i 's/const ServerName = "gophish"/const ServerName = "IGNORE"/' config/config.go
# Changing rid value
read -p 'Custom RID Parameter: ' uservar
sed -i 's/const RecipientParameter = "rid"/const RecipientParameter = "'$uservar'"/g' models/campaign.go
go build


​ for his amazing sneaky_gophish repository
​Vincent Yiu for his support and guidance always
Copy link