ubuntu24安装gophish
安装
rambo@ubuntu24-1:~$ sudo apt update && sudo apt install unzip wget git ufw -y
rambo@ubuntu24-1:~$ mkdir gophish && cd gophish
rambo@ubuntu24-1:~/gophish$ wget https://github.com/gophish/gophish/releases/download/v0.12.1/gophish-v0.12.1-linux-64bit.zip
rambo@ubuntu24-1:~/gophish$ unzip gophish-v0.12.1-linux-64bit.zip
# 修改配置文件
rambo@ubuntu24-1:~/gophish$ vim config.json
{
"admin_server": {
"listen_url": "0.0.0.0:3333", # 改为监听所有IP(管理后台会在所有网络接口上开放;更稳妥的做法是保持 127.0.0.1 并通过 SSH 隧道访问,或在防火墙上只放行管理员来源IP)
"use_tls": false, # 不使用tls,如果使用tls则需要改成true;不启用时管理后台的登录口令以明文传输,管理后台对外监听时建议启用
"cert_path": "gophish_admin.crt", # 这里后续替换SSL证书
"key_path": "gophish_admin.key",
"trusted_origins": []
},
"phish_server": {
"listen_url": "0.0.0.0:8080", # 钓鱼页面监听端口:此处为8080(下文用 sudo 直接运行时的日志中为80,便于访问);绑定80端口需要 root 权限或 CAP_NET_BIND_SERVICE,防火墙放行的端口也要与这里一致
"use_tls": false,
"cert_path": "example.crt",
"key_path": "example.key"
},
"db_name": "sqlite3",
"db_path": "gophish.db",
"migrations_prefix": "db/db_",
"contact_address": "",
"logging": {
"filename": "",
"level": ""
}
}
=================================================
配置 HTTPS (推荐)
申请 Let's Encrypt 免费证书(--standalone 模式会临时占用 80 端口,申请时该端口不能被其他服务占用):
sudo apt install certbot -y
sudo certbot certonly --standalone -d yourdomain.com
获取证书后,把路径写进 config.json 里,并把对应的 use_tls 改为 true(/etc/letsencrypt 下的私钥默认仅 root 可读,运行 gophish 的用户需要有读取权限):
"cert_path": "/etc/letsencrypt/live/yourdomain.com/fullchain.pem",
"key_path": "/etc/letsencrypt/live/yourdomain.com/privkey.pem"
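# 配置防火墙(放行的端口需与 config.json 中的 listen_url 一致;3333 是管理后台端口,建议只对管理员来源IP放行,例如:sudo ufw allow from <管理员IP> to any port 3333 proto tcp)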
sudo ufw allow 22/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow 3333/tcp
sudo ufw enable
=================================================
rambo@ubuntu24-1:~/gophish$ chmod 755 gophish
rambo@ubuntu24-1:~/gophish$ sudo ./gophish
time="2025-08-16T17:19:53+08:00" level=warning msg="No contact address has been configured."
time="2025-08-16T17:19:53+08:00" level=warning msg="Please consider adding a contact_address entry in your config.json"
goose: no migrations to run. current version: 20220321133237
time="2025-08-16T17:19:54+08:00" level=info msg="Please login with the username admin and the password 8a20b8bccf41dc69" # 这是首次启动时生成的初始管理员密码,会留在终端输出/日志中,首次登录后应立即修改
time="2025-08-16T17:19:54+08:00" level=info msg="Starting IMAP monitor manager"
time="2025-08-16T17:19:54+08:00" level=info msg="Starting phishing server at http://0.0.0.0:80"
time="2025-08-16T17:19:54+08:00" level=info msg="Background Worker Started Successfully - Waiting for Campaigns"
time="2025-08-16T17:19:54+08:00" level=info msg="Starting admin server at http://0.0.0.0:3333"
# 以下是下图启动时的日志
time="2025-08-16T17:19:54+08:00" level=info msg="Starting new IMAP monitor for user admin"
time="2025-08-16T17:20:01+08:00" level=info msg="172.16.186.1 - - [16/Aug/2025:17:20:01 +0800] \"GET / HTTP/1.1\" 307 51 \"\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\""
time="2025-08-16T17:20:01+08:00" level=info msg="172.16.186.1 - - [16/Aug/2025:17:20:01 +0800] \"GET /login?next=%2F HTTP/1.1\" 200 1039 \"\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\""
time="2025-08-16T17:20:02+08:00" level=info msg="172.16.186.1 - - [16/Aug/2025:17:20:02 +0800] \"GET /css/dist/gophish.css HTTP/1.1\" 200 52514 \"http://172.16.186.117:3333/login?next=%2F\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\""
time="2025-08-16T17:20:02+08:00" level=info msg="172.16.186.1 - - [16/Aug/2025:17:20:02 +0800] \"GET /images/logo_inv_small.png HTTP/1.1\" 200 1118 \"http://172.16.186.117:3333/login?next=%2F\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\""
time="2025-08-16T17:20:02+08:00" level=info msg="172.16.186.1 - - [16/Aug/2025:17:20:02 +0800] \"GET /images/logo_purple.png HTTP/1.1\" 200 4735 \"http://172.16.186.117:3333/login?next=%2F\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\""
time="2025-08-16T17:20:02+08:00" level=info msg="172.16.186.1 - - [16/Aug/2025:17:20:02 +0800] \"GET /js/dist/vendor.min.js HTTP/1.1\" 200 324943 \"http://172.16.186.117:3333/login?next=%2F\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\""
time="2025-08-16T17:20:03+08:00" level=info msg="172.16.186.1 - - [16/Aug/2025:17:20:03 +0800] \"GET /images/favicon.ico HTTP/1.1\" 200 1150 \"http://172.16.186.117:3333/login?next=%2F\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\""


设置为后台服务
rambo@ubuntu24-1:~/gophish$ sudo vim /etc/systemd/system/gophish.service
[Unit]
Description=Gophish Phishing Framework
After=network.target
[Service]
Type=simple
User=rambo
Group=rambo
ExecStart=/bin/bash -c "/home/rambo/gophish/gophish"
WorkingDirectory=/home/rambo/gophish
Restart=always
RestartSec=5
# 防止systemd环境找不到依赖(systemd 单元文件不支持行尾注释,注释需单独成行)
Environment=PATH=/usr/bin:/usr/local/bin
StandardOutput=journal
StandardError=journal
[Install]
WantedBy=multi-user.target
rambo@ubuntu24-1:~/gophish$ sudo systemctl daemon-reload
rambo@ubuntu24-1:~/gophish$ sudo systemctl restart gophish && sudo systemctl enable gophish
rambo@ubuntu24-1:~/gophish$ sudo systemctl status gophish
● gophish.service - Gophish Phishing Framework
Loaded: loaded (/etc/systemd/system/gophish.service; enabled; preset: enabled)
Active: active (running) since Sat 2025-08-16 18:30:51 CST; 2min 3s ago
Main PID: 41341 (gophish)
Tasks: 7 (limit: 4558)
Memory: 4.6M (peak: 5.1M)
CPU: 70ms
CGroup: /system.slice/gophish.service
└─41341 /home/rambo/gophish/gophish
Aug 16 18:30:51 ubuntu24-1 systemd[1]: Started gophish.service - Gophish Phishing Framework.
Aug 16 18:30:51 ubuntu24-1 bash[41341]: time="2025-08-16T18:30:51+08:00" level=warning msg="No contact address has been configured."
Aug 16 18:30:51 ubuntu24-1 bash[41341]: time="2025-08-16T18:30:51+08:00" level=warning msg="Please consider adding a contact_address entry in your config.json"
Aug 16 18:30:51 ubuntu24-1 bash[41341]: goose: no migrations to run. current version: 20220321133237
Aug 16 18:30:51 ubuntu24-1 bash[41341]: time="2025-08-16T18:30:51+08:00" level=info msg="Starting phishing server at http://0.0.0.0:8080"
Aug 16 18:30:51 ubuntu24-1 bash[41341]: time="2025-08-16T18:30:51+08:00" level=info msg="Starting IMAP monitor manager"
Aug 16 18:30:51 ubuntu24-1 bash[41341]: time="2025-08-16T18:30:51+08:00" level=info msg="Starting new IMAP monitor for user admin"
Aug 16 18:30:51 ubuntu24-1 bash[41341]: time="2025-08-16T18:30:51+08:00" level=info msg="Starting admin server at http://0.0.0.0:3333"
Aug 16 18:30:51 ubuntu24-1 bash[41341]: time="2025-08-16T18:30:51+08:00" level=info msg="Background Worker Started Successfully - Waiting for Campaigns"
创建钓鱼页面
rambo@ubuntu24-1:~/gophish$ mkdir templates/training_login && cd templates/training_login
rambo@ubuntu24-1:~/gophish/templates/training_login$ vim template.html
# 创建 Email Templates 或 Landing Pages



<!DOCTYPE html>
<!--
  Internal security-awareness training page.
  Shows a username/password form and a visible red notice telling the
  reader not to enter real credentials.
-->
<html>
<head>
<title>内部安全培训</title>
<style>
body { font-family: Arial; text-align: center; margin-top: 50px; }
input { display: block; margin: 10px auto; padding: 8px; }
button { padding: 8px 16px; }
</style>
</head>
<body>
<h1>公司安全培训</h1>
<p>请在下面输入示例账号(仅用于培训测试)</p>
<!-- The form POSTs the "username" and "password" fields to /submit. -->
<!-- NOTE(review): if the platform is configured to record submitted data,
     consider not storing the password value; a training exercise only needs
     to know that a submission happened. Confirm against the landing-page
     settings in use. -->
<form action="/submit" method="post">
<input type="text" name="username" placeholder="用户名">
<input type="password" name="password" placeholder="密码">
<button type="submit">提交</button>
</form>
<!-- Training-only notice shown to the reader, styled in red. -->
<p style="color:red;">注意:这是内部培训页面,请勿输入真实账号密码</p>
</body>
</html>
配合 Campaign 发送邮件给目标,点击邮件里的链接才会访问你的模板


