😎
😎
😎
😎
Intruder
Twitter
Search…
About Shantanu Khandelwal
Reporting
Excel Sheet to Word Report by PowerShell
Ghostwriter - Add report type
Red Team
HTTPS C2 Done Right NGINX
Domain Front
GoLang
ShellCode Injection
PowerShell
Database
Dealing with the Errors
Setting Up OPENVAS in KALI 2020.3
Phishing
Connecting GoPhish with Office365
SharpLoginPrompt - Success and a Curious Case
Gophish MODs
Long Live DMARC - Email Spoof issues
Talks I Like
Talks Worth Checking Out
Powered By GitBook
Gophish MODs
Modify Gophish to Bypass Detection
Was recently working on a Phishing Engagement. I always modified Gophish manually to evade detection. This time I thought of the principle, "Don't Do Anything Twice: When it Makes Sense to Automate" . Before I started manually typing scripts I searched github.com for gold (basically if someone else tried to do it). I found this amazing docker-compose file which does all of the things which I wanted to do.
So I'm stealing work? Probably yeah !! I dont want docker so I'll probably just extract useful content from the docker-container file and run it on my gophish server πŸ€·β€β™‚οΈ
1
#clone gophish
2
git clone https://github.com/gophish/gophish
3
​
4
#Get a Custom 404 Page
5
wget "https://raw.githubusercontent.com/puzzlepeaches/sneaky_gophish/main/files/404.html" -O "404.html"
6
​
7
#Get a Custom Phish.go
8
wget "https://raw.githubusercontent.com/puzzlepeaches/sneaky_gophish/main/files/phish.go" -O "phish.go"
9
​
10
#copy Custom Phish.go
11
rm gophish/controllers/phish.go
12
mv phish.go gophish/controllers/phish.go
13
​
14
#Copy new 404.html
15
mv 404.html gophish/templates/404.html
16
​
17
cd gophish
18
​
19
sed -i 's/X-Gophish-Contact/X-Contact/g' models/email_request_test.go
20
sed -i 's/X-Gophish-Contact/X-Contact/g' models/maillog.go
21
sed -i 's/X-Gophish-Contact/X-Contact/g' models/maillog_test.go
22
sed -i 's/X-Gophish-Contact/X-Contact/g' models/email_request.go
23
​
24
# Stripping X-Gophish-Signature
25
sed -i 's/X-Gophish-Signature/X-Signature/g' webhook/webhook.go
26
​
27
# Changing servername
28
sed -i 's/const ServerName = "gophish"/const ServerName = "IGNORE"/' config/config.go
29
​
30
# Changing rid value
31
read -p 'Custom RID Parameter: ' uservar
32
sed -i 's/const RecipientParameter = "rid"/const RecipientParameter = "'$uservar'"/g' models/campaign.go
33
​
34
​
35
​
36
go build
Copied!

Acknowledgements

​https://twitter.com/sprocket_ed for his amazing sneaky_gophish repository
​Vincent Yiu for his support and guidance always
Phishing - Previous
SharpLoginPrompt - Success and a Curious Case
Next - Phishing
Long Live DMARC - Email Spoof issues
Last modified 6mo ago
Copy link
Contents
Acknowledgements