Project 159 - Gone Phishing w/ Gophish

Описание: Steps Taken (in the order that they appear in the video):

Creating a Test Email To Test Configurations

1. Clicked Sending Profiles (to create a profile to send emails)

2. Clicked “+New Profile”

3. Details:

Name – Red Team

From – info [email protected]

Host – localhost:25

Username – [email protected] (this would be my actual email address in real life)

Password – penetrationtesting (this would be my actual password in real life)

*Left “Ignore Certificate Errors” checked off

4. Opened up Powershell and netstat -ano (to verify that port 25 for SMTP is in listening mode)

5. Clicked “Send Test Email”

6. Double clicked on targets.csv file on the Desktop (to choose target from the list users I enumerated)

7. Details (to send to dummy Intern account):

8. First Name: Vic, Last Name: Tim, Email: [email protected], Position Intern

9. Clicked “Send” button

10. Clicked on Thunderbird mail client (to view email client and verified that I received the test email)

Creating A Landing Page

11. Back in Gophish dashboard, clicked on “Landing Pages”

12. Name: INE Password Reset and Clicked “Import Site” button

13. URL: http://localhost:8080 (to import the contents hosted at this address)

14. Checked off “Capture Submitted Data”

15. Redirect to: http://localhost:8080 and Clicked “Save Page”

Creating Email Template

16. Went to Desktop, clicked on “Password Reset Email.txt”, and copied contents

17. Back in Gophish dashboard, clicked “+New Template” button

18. Name: INE Password Reset and clicked “Import Email”

19. Pasted contents of “Password Rest Email.txt” into space and clicked Import

20. Clicked the “HTML” tab to show what the actual visual display of the email will look like to the victims

21. Mentioned that we could add a malicious document by clicking on “+Add Files”

22. Clicked the “Save Template” button

Specifying Targets

23. Clicked “+New Group” (to create a group for the entire target organization)

24. Name: INE Employees and clicked “+Bulk Import Users”

25. Went to Desktop, clicked on target.csv file (to upload target list)

26. Clicked the “Save Changes” button

Executing Phishing Campaign

27. Clicked on “Campaigns” and “+New Campaign” button

28. Name, Email Template, Landing Page: INE Password Test

29. URL: http://localhost

30. Launch Date: set the day and time for

31. Sending Profile: Read Team

32. Groups: INE Employees and Clicked the “Launch Campaign” button

33. Mention the formats that the results can be exported to and the button that we can use to complete the campaign

34. Went back to Thunderbird and waited for scheduled phishing email to arrive in Vic Tim mailbox

35. Clicked the “Reset Password" button in the email (the link may or may not load)

36. Went back to Gophish dashboard to see that one email was opened and one was clicked