Phishing Campaign Toolkit

Overview

alt text

King Phisher Documentation Status GitHub Issues GitHub Downloads Slack Status

Phishing Campaign Toolkit

alt text

Installation

For instructions on how to install, please see the INSTALL.md file. After installing, for instructions on how to get started please see the wiki.

Overview

King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. It features an easy to use, yet very flexible architecture allowing full control over both emails and server content. King Phisher can be used to run campaigns ranging from simple awareness training to more complicated scenarios in which user aware content is served for harvesting credentials.

King Phisher is only to be used for legal applications when the explicit permission of the targeted organization has been obtained.

Get the latest stable version from the GitHub Releases Page or use git to checkout the project from source.

Feature Overview

  • Run multiple phishing campaigns simultaneously
  • Send email with embedded images for a more legitimate appearance
  • Optional Two-Factor authentication
  • Credential harvesting from landing pages
  • SMS alerts regarding campaign status
  • Web page cloning capabilities
  • Integrated Sender Policy Framework (SPF) checks
  • Geo location of phishing visitors
  • Send email with calendar invitations

Plugins

Both the client and server can be extended with functionality provided by plugins. A small number of plugins are packaged with King Phisher and additional ones are available in the Plugins repository.

Template Files

Template files for both messages and server pages can be found in the separate King Phisher Templates repository. Any contributions regarding templates should also be submitted via a pull request to the templates repository.

Documentation

Documentation for users of the application is provided on the project's wiki page. This includes steps to help new users get started with their first campaigns. Additional technical documentation intended for developers is kept seperate as outlined in section below.

Code Documentation

King Phisher uses Sphinx for internal technical documentation. This documentation can be generated from source with the command sphinx-build -b html docs/source docs/html. The latest documentation is kindly hosted on ReadTheDocs at king-phisher.readthedocs.io.

Message Template Variables

The client message templates are formatted using the Jinja2 templating engine and support a number of variables. These are included here as a reference, check the templates wiki page for comprehensive documentation.

Variable Name Variable Value
client.company_name The target's company name
client.email_address The target's email address
client.first_name The target's first name
client.last_name The target's last name
client.message_id The unique tracking identifier (this is the same as uid)
sender.email The email address in the "Source Email (MIME)" field
sender.friendly_alias The value of the "Friendly Alias" field
sender.reply_to The value of the "Reply To" field
url.tracking_dot URL of an image used for message tracking
url.webserver Phishing server URL with the uid parameter
url.webserver_raw Phishing server URL without any parameters
tracking_dot_image_tag The tracking image in a preformatted <img /> tag
uid The unique tracking identifier (this is the same as client.message_id)

The uid is the most important, and must be present in links that the messages contain.

License

King Phisher is released under the BSD 3-clause license, for more details see the LICENSE file.

Credits

Special Thanks (QA / Beta Testing):

  • Jake Garlie - jagar
  • Jeremy Schoeneman - Shad0wman
  • Bryan Sfara
  • Ken Smith - p4tchw0rk
  • Brianna Whittaker

King Phisher Development Team:

Comments
  • King fisher ssh credentials for windows

    King fisher ssh credentials for windows

    Issue Description

    i've install king fisher , but i didnt find config guide for windows version, and when i run kingfisher the first page ask me for credentials, where can i find default credentials see attached screen captur

    Reproduction Steps

    1. Start King Phisher
    2. Do something to trigger the crash

    Error Details / Stack Trace

    Copy details from the logs or client dialog here.
    [```](url)
    
    
    question 
    opened by Hemza 53
  • Unit king-phisher.service entered failed state.

    Unit king-phisher.service entered failed state.

    Issue Description

    I'm having issue starting king-phisher server after matching PostgreSQL DB password with King-Phisher server. I just upgraded to the latest version 1.13.1 and service wont start.
    found out it was complaining about "CRITICAL server failed to build with error: failed to execute postgresql query 'SELECT usename FROM pg_user' via su and psql" and I ALTER USER king_phisher WITH PASSWORD 'new password'; but still wont start.

    Reproduction Step

    systemctl start king-phisher.service result output Job for king-phisher.service failed because a configured resource limit was exceeded. See "systemctl status king-phisher.service" and "journalctl -xe" for details.

    checked journalctl -xe with this command "journalctl -u king-phisher" and result output is [[email protected] king-phisher]# journalctl -u king-phisher -- Logs begin at Mon 2019-07-15 19:10:57 EDT, end at Tue 2019-07-16 10:17:15 EDT. -- Jul 15 19:11:11 d1terll.com systemd[1]: Starting King Phisher Server... Jul 15 19:11:13 d1terll.com python3[1410]: Loading .env environment variables… Jul 15 19:11:17 d1terll.com systemd[1]: PID file /var/run/king-phisher.pid not readable (yet?) after start. Jul 15 19:11:17 d1terll.com runuser[2653]: pam_unix(runuser:session): session opened for user postgres by (uid=0) Jul 15 19:11:17 d1terll.com su[2680]: (to postgres) root on none Jul 15 19:11:18 d1terll.com python3[1410]: CRITICAL server failed to build with error: failed to execute postgresql query 'SELECT usename FROM pg_u Jul 15 19:11:18 d1terll.com systemd[1]: king-phisher.service never wrote its PID file. Failing. Jul 15 19:11:18 d1terll.com systemd[1]: Failed to start King Phisher Server. Jul 15 19:11:18 d1terll.com systemd[1]: Unit king-phisher.service entered failed state. Jul 15 19:11:18 d1terll.com systemd[1]: king-phisher.service failed.

    when i check status, i get below output as well.

    [[email protected] king-phisher]# systemctl status king-phisher.service ● king-phisher.service - King Phisher Server Loaded: loaded (/usr/lib/systemd/system/king-phisher.service; enabled; vendor preset: disabled) Active: failed (Result: resources) since Tue 2019-07-16 10:17:15 EDT; 11min ago Process: 24916 ExecStart=/usr/bin/python3 /opt/king-phisher/KingPhisherServer /opt/king-phisher/server_config.yml (code=exited, status=0/SUCCESS)

    Jul 16 10:17:14 d1terll.com systemd[1]: Starting King Phisher Server... Jul 16 10:17:14 d1terll.com python3[24916]: Loading .env environment variables… Jul 16 10:17:15 d1terll.com runuser[24929]: pam_unix(runuser:session): session opened for user postgres by (uid=0) Jul 16 10:17:15 d1terll.com su[24952]: (to postgres) root on none Jul 16 10:17:15 d1terll.com python3[24916]: CRITICAL server failed to build with error: failed to execute postgresql query 'SELECT usename FROM ... and psql Jul 16 10:17:15 d1terll.com systemd[1]: PID file /var/run/king-phisher.pid not readable (yet?) after start. Jul 16 10:17:15 d1terll.com systemd[1]: king-phisher.service never wrote its PID file. Failing. Jul 16 10:17:15 d1terll.com systemd[1]: Failed to start King Phisher Server. Jul 16 10:17:15 d1terll.com systemd[1]: Unit king-phisher.service entered failed state. Jul 16 10:17:15 d1terll.com systemd[1]: king-phisher.service failed. Hint: Some lines were ellipsized, use -l to show in full.

    Environment Details

    Host OS: NAME="Red Hat Enterprise Linux Server" VERSION="7.4 (Maipo)" King Phisher Version:1.13.1

    Error Details / Stack Trace

    CRITICAL server failed to build with error: failed to execute postgresql query 'SELECT usename FROM pg_u

    help me server 
    opened by Deensk 39
  • Unable to login to client

    Unable to login to client

    Issue Description

    Unable to login to KingPhisher: Login failed: An unknown error occurred.

    Reproduction Steps

    1. Start King Phisher
    2. Do something to trigger the crash

    Environment Details

    Host OS: Kali 2018.4 KingPhisher Version: 1.11.0

    Error Details / Stack Trace

    DEBUG    king phisher version: 1.11.0 python version: 3.6.6
    INFO     listening on 0.0.0.0:80
    INFO     serving files has been enabled
    INFO     initializing database connection with driver postgresql
    DEBUG    postgresql-setup was not found
    INFO     postgresql service is not running, starting it now via systemctl
    [email protected] ~> DEBUG    postgresql service successfully started via systemctl
    [email protected] ~> sysDEBUG    current database schema version: 8 (latest)
    DEBUG    connected to postgresql database: king_phisher
    INFO     restored 0 valid sessions and skipped 0 expired sessions from the database
    DEBUG    use pam service 'sshd' for authentication
    DEBUG    forked an authenticating process with pid: 2339
    INFO     the job manager has been started
    INFO     adding new job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    web socket manager worker running in tid: 0x7fad990cb700
    INFO     including 4 custom http headers
    INFO     server running in process: 2275 main tid: 0x7fada15b6740
    INFO     dropped privileges to the king-phisher account
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    [email protected] ~> DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    127.0.0.1 tid: 0x7fad988ca700 running http request handler
    DEBUG    calling RPC method rpc_version()
    INFO     127.0.0.1 "RPC /version HTTP/1.1" 200 -
    DEBUG    127.0.0.1 tid: 0x7fad988ca700 running http request handler
    DEBUG    sent request with sequence number 0 and action 'authenticate'
    DEBUG    received request with sequence number 0 and action 'authenticate'
    DEBUG    pam returned code: 0 reason: 'Success' for user root after 0.05 seconds
    DEBUG    sent response with sequence number 0
    DEBUG    received response with sequence number 0
    INFO     user root has successfully authenticated
    INFO     successful login request from 127.0.0.1 for user root
    INFO     127.0.0.1 "RPC /login HTTP/1.1" 200 -
    DEBUG    127.0.0.1 tid: 0x7fad988ca700 running http request handler
    INFO     127.0.0.1 "GET /_/ws/events/json HTTP/1.1" 101 -
    INFO     web socket has been connected
    DEBUG    127.0.0.1 tid: 0x7fad90966700 running http request handler
    DEBUG    calling RPC method rpc_version()
    INFO     127.0.0.1 "RPC /version HTTP/1.1" 200 -
    DEBUG    127.0.0.1 tid: 0x7fad90966700 running http request handler
    DEBUG    checking authentication for user root with cached password hash
    INFO     invalidated 1 previously existing session for user 1
    INFO     successful login request from 127.0.0.1 for user root
    INFO     127.0.0.1 "RPC /login HTTP/1.1" 200 -
    DEBUG    127.0.0.1 tid: 0x7fad90966700 running http request handler
    INFO     127.0.0.1 "GET /_/ws/events/json HTTP/1.1" 101 -
    INFO     web socket has been connected
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    127.0.0.1 tid: 0x7fad87fff700 running http request handler
    INFO     127.0.0.1 "RPC /ping HTTP/1.1" 401 -
    DEBUG    127.0.0.1 tid: 0x7fad87fff700 running http request handler
    DEBUG    calling RPC method rpc_ping()
    INFO     127.0.0.1 "RPC /ping HTTP/1.1" 200 -
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    127.0.0.1 tid: 0x7fad87fff700 running http request handler
    DEBUG    calling RPC method rpc_version()
    INFO     127.0.0.1 "RPC /version HTTP/1.1" 200 -
    DEBUG    127.0.0.1 tid: 0x7fad87fff700 running http request handler
    DEBUG    checking authentication for user root with cached password hash
    INFO     invalidated 1 previously existing session for user 1
    INFO     successful login request from 127.0.0.1 for user root
    INFO     127.0.0.1 "RPC /login HTTP/1.1" 200 -
    DEBUG    127.0.0.1 tid: 0x7fad87fff700 running http request handler
    INFO     127.0.0.1 "GET /_/ws/events/json HTTP/1.1" 101 -
    INFO     web socket has been connected
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    received message (len: 16 opcode: 0x0a fin: True)
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    processing pong (opcode: 0x0a) message
    DEBUG    executing job with id: 63d3746f-2680-4710-a21f-b017a1a67d1f and callback function: ping_all
    
    -------------------------------------------
    
    Client log:
    
    ERROR    failed to connect to the server event socket
    ERROR    failed to connect the server event socket
    ERROR    failed to connect to the server event socket
    ERROR    failed to connect the server event socket
    ERROR    error uid: 0538de99-0b4a-4038-b61f-27a66e4f9341 an unhandled exception was thrown
    Traceback (most recent call last):
      File "/usr/share/king-phisher/king_phisher/client/client_rpc.py", line 421, in ping
        return self.call('ping')
      File "/usr/lib/python3/dist-packages/advancedhttpserver.py", line 601, in call
        raise RPCError(resp.reason, resp.status)
    advancedhttpserver.RPCError: the server responded with 401 'Unauthorized'
    ERROR    failed to connect to the server event socket
    ERROR    failed to connect the server event socket
    
    
    can't reproduce help me client 
    opened by polux1 33
  • KingPhiser client

    KingPhiser client

    Failed To Connect To The King Phisher RPC Service Ensure that the King Phisher Server is currently running.

    WARNING failed to connect to the remote rpc service and this stack trace from the client's command line:

    Traceback (most recent call last): File "/path/to/king-phisher/king_phisher/client/application.py", line 471, in server_connect server_version_info = rpc('version') File "/usr/local/lib/python2.7/dist-packages/AdvancedHTTPServer.py", line 495, in call return self.call(*args, **kwargs) File "/usr/local/lib/python2.7/dist-packages/AdvancedHTTPServer.py", line 546, in call resp = self.client.getresponse() File "/usr/lib/python2.7/httplib.py", line 1073, in getresponse response.begin() File "/usr/lib/python2.7/httplib.py", line 415, in begin version, status, reason = self._read_status() File "/usr/lib/python2.7/httplib.py", line 379, in _read_status raise BadStatusLine(line) BadStatusLine: ''

    help me 
    opened by seanjackson 30
  • simplejson

    simplejson

    having issues with king-phisher...upgraded kali got this issue...

    Traceback (most recent call last): File "./KingPhisher", line 49, in from king_phisher.client import application File "/usr/share/king-phisher/king_phisher/client/application.py", line 61, in from king_phisher.client.windows import main File "/usr/lib/python3/dist-packages/pluginbase.py", line 439, in plugin_import fromlist, level) File "/usr/share/king-phisher/king_phisher/client/windows/init.py", line 33, in from .main import * File "/usr/lib/python3/dist-packages/pluginbase.py", line 439, in plugin_import fromlist, level) File "/usr/share/king-phisher/king_phisher/client/windows/main.py", line 40, in from king_phisher.client import export File "/usr/lib/python3/dist-packages/pluginbase.py", line 439, in plugin_import fromlist, level) File "/usr/share/king-phisher/king_phisher/client/export.py", line 54, in import geojson File "/usr/lib/python3/dist-packages/pluginbase.py", line 439, in plugin_import fromlist, level) File "/usr/lib/python3/dist-packages/geojson/init.py", line 1, in from geojson.codec import dump, dumps, load, loads, GeoJSONEncoder File "/usr/lib/python3/dist-packages/pluginbase.py", line 439, in plugin_import fromlist, level) File "/usr/lib/python3/dist-packages/geojson/codec.py", line 11, in class GeoJSONEncoder(json.JSONEncoder): AttributeError: module 'simplejson' has no attribute 'JSONEncoder'

    bug install help me 
    opened by TheUnable 29
  • Still get Apache default page

    Still get Apache default page

    Issue Description

    Installed KP according to KP guide. Everything seems to install fine but when I click on the email link I get sent to Apache default page. I did install python-certbot-apache which I think is installing Apache.

    image

    image

    Reproduction Steps

    1. Start King Phisher
    2. Send a test email
    3. Click on link and get a default Apache page.

    Environment Details

    Host OS: Ubuntu 16.04 King Phisher Version: 1.12.0-beta

    Error Details / Stack Trace

    No errors

    If you are opening an issue regarding the client, copy text from the "Error
    Details" of the error dialog in the client here. If you are opening an issue
    regarding the server copy the relevant lines from the logs here.
    
    help me 
    opened by mother2110 27
  • Unable to Login to KingPhisher.  Not sure what has changed in the past week?

    Unable to Login to KingPhisher. Not sure what has changed in the past week?

    Issue Description

    Unable to Login to KingPhisher. I rebooted my Kali Linux and launched ./KingPhisher. The client GUI popped up and I tried to login. Logs showed this.

    EBUG 127.0.0.1 tid: 0x7f1ed37fe700 running http request handler DEBUG calling RPC method rpc_version() INFO 127.0.0.1 "RPC /version HTTP/1.1" 200 - DEBUG 127.0.0.1 tid: 0x7f1ed37fe700 running http request handler DEBUG sent request with sequence number 0 and action 'authenticate' DEBUG received request with sequence number 0 and action 'authenticate' DEBUG pam returned code: 0 reason: 'Success' for user root after 0.03 seconds DEBUG sent response with sequence number 0 DEBUG received response with sequence number 0 INFO user root has successfully authenticated INFO successful login request from 127.0.0.1 for user root

    However, the client GUI showed Login Failed. Why the discrepancy? Then, I got this error below.

    rror Type: advancedhttpserver.RPCError Error Details: RPCError(message='Unauthorized', status=401, remote_exception=False) Error UID: 94c43c84-e7b0-46ec-902e-142f1cd813de RPC Error: N/A (Not a remote RPC error) King Phisher Version: 1.10.0 (rev: 63aaf4772ed9) Platform Version: Linux: Kali kali-rolling kali-rolling Python Version: 3.6.5 Gtk Version: 3.22.29 Timezone: America/Los_Angeles

    Thread Information: => MainThread (alive=True daemon=False)

    Stack Trace: Traceback (most recent call last): File "/opt/king-phisher/king_phisher/client/client_rpc.py", line 421, in ping return self.call('ping') File "/usr/local/lib/python3.6/dist-packages/advancedhttpserver.py", line 601, in call raise RPCError(resp.reason, resp.status) advancedhttpserver.RPCError: the server responded with 401 'Unauthorized'

    Reproduction Steps

    1. Start King Phisher
    2. Login fails via the client GUI.

    Environment Details

    Host OS: Kali2 2018.1 King Phisher Version: installed

    Error Details / Stack Trace

    If you are opening an issue regarding the client, copy text from the "Error
    Details" of the error dialog in the client here. If you are opening an issue
    regarding the server copy the relevant lines from the logs here.
    
    bug can't reproduce client 
    opened by chrisandjer949 26
  • Error building Server

    Error building Server

    Issue Description

    There are several issues but lets start one by one: i followed instructions to build KP server but debugging config file throws below error:


    DEBUG king phisher version: 1.9.0 python version: 3.5.2 ERROR failed to bind server to address (socket error #98) ERROR socket error #98 (Address already in use)

    Traceback (most recent call last): File "/opt/king-phiser/king_phisher/server/build.py", line 145, in server_from_config server = KingPhisherServer(config, plugin_manager, handler_klass, addresses=addresses, ssl_certfile=ssl_certfile, ssl_keyfile=ssl_keyfile) File "/opt/king-phiser/king_phisher/server/server.py", line 843, in init super(KingPhisherServer, self).init(handler_klass, *args, **kwargs) File "/usr/local/lib/python3.5/dist-packages/advancedhttpserver.py", line 1780, in init server = server_klass((address[0], address[1]), handler_klass, config=self.__config) File "/usr/local/lib/python3.5/dist-packages/advancedhttpserver.py", line 703, in init super(ServerNonThreaded, self).init(*args, **kwargs) File "/usr/lib/python3.5/socketserver.py", line 440, in init self.server_bind() File "/usr/local/lib/python3.5/dist-packages/advancedhttpserver.py", line 771, in server_bind super(ServerNonThreaded, self).server_bind(*args, **kwargs) File "/usr/lib/python3.5/http/server.py", line 138, in server_bind socketserver.TCPServer.server_bind(self) File "/usr/lib/python3.5/socketserver.py", line 454, in server_bind self.socket.bind(self.server_address) OSError: [Errno 98] Address already in use CRITICAL server failed to build with error: socket error #98 (Address already in use) INFO unloading 0 plugins

    Reproduction Steps

    1. Able to start KP server but not able to launch client as both reside on same server.

    Environment Details

    Host OS: Ubuntu 16.04 GNOME, etc. King Phisher Version: 1.9.0

    Error Details / Stack Trace

    1. KP server is running on port 80. I disabled Apache on the server.

    2. Details from /var/log/king-phisher.log 2018-01-04 12:02:06,275 KingPhisher.Server.CLI CRITICAL server failed to build with error: socket error #98 (Address already in use)

    3. Unable to launch client from same KP server Traceback (most recent call last): File "./KingPhisher", line 49, in from king_phisher.client import application File "/opt/king-phiser/king_phisher/client/application.py", line 52, in from king_phisher.client import assistants File "/opt/king-phiser/king_phisher/client/assistants/init.py", line 33, in from .campaign import * File "/opt/king-phiser/king_phisher/client/assistants/campaign.py", line 36, in from king_phisher.client import gui_utilities File "/opt/king-phiser/king_phisher/client/gui_utilities.py", line 517 elif len(error.args) > 1: ^ SyntaxError: invalid syntax

    Please advice.

    If you are opening an issue regarding the client, copy text from the "Error
    Details" of the error dialog in the client here. If you are opening an issue
    regarding the server copy the relevant lines from the logs here.
    
    help me client server 
    opened by SJHsimkaur 26
  • Using this in a Google environment

    Using this in a Google environment

    Feature Description

    I have a client that is using GSuite Gmail and all phishing campaigns get flagged as "This message seems dangerous". I know this is a good thing but the client wants to train employees. Is there any setting in KP that can bypass this?

    Alternatives Solutions

    I am also trying to look into allowing my campaign through GSuite as well.

    Example Use Case

    help me client stale 
    opened by mother2110 25
  • Landing page Probleme

    Landing page Probleme

    Issue Description

    Hi, I install king-phsiher and hoste landing page (Shell - Anti-Virus_Update (from king-phisher templates) on /var/www/html

    Reproduction Steps

    1. Start King Phisher
    2. configure phishing compaign
    3. enter web server Url --> verify Url send successful message
    4. send landing page to users,

    Error Details / Stack Trace

    Attached image KP doesn't get compaign parameters ( companu name ...) landinf page antivirus update

    the KP doesnt get users visits and credentials

    Copy details from the logs or client dialog here.

    invalid question 
    opened by Itrustsecurity 25
  • Can't install King-phisher on Centos 7

    Can't install King-phisher on Centos 7

    Issue Description

    I get a stack trace when I install King phisher on Centos7

    Reproduction Steps

    1. Clone King Phisher
    2. run installation script

    Environment Details

    Host OS: CentOs7

    Error Details / Stack Trace

    [[email protected] ~]# cd /opt/king-phisher/ [[email protected] king-phisher]# tools/install.sh Linux version detected as CentOS Skipping installing King Phisher Client components Install and use PostgreSQL? (Highly recommended and required for upgrading) [Y/n ] n Git repo found at /opt/king-phisher Installing CentOS dependencies Loaded plugins: fastestmirror, langpacks base | 3.6 kB 00:00 epel/x86_64/metalink | 41 kB 00:00 extras | 3.4 kB 00:00 updates | 3.4 kB 00:00 Loading mirror speeds from cached hostfile

    • base: mirrors.coreix.net

    • epel: epel.check-update.co.uk

    • extras: mirrors.coreix.net

    • updates: mirrors.coreix.net Package epel-release-7-8.noarch already installed and latest version Nothing to do Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile

    • base: mirrors.coreix.net

    • epel: fr.mirror.babylon.network

    • extras: mirrors.coreix.net

    • updates: mirrors.coreix.net Package freetype-devel-2.4.11-11.el7.x86_64 already installed and latest version Package gcc-4.8.5-4.el7.x86_64 already installed and latest version Package gcc-c++-4.8.5-4.el7.x86_64 already installed and latest version Package 2:libpng-devel-1.5.13-7.el7_2.x86_64 already installed and latest versio n Package 1:make-3.82-21.el7.x86_64 already installed and latest version Package postgresql-devel-9.2.15-1.el7_2.x86_64 already installed and latest vers ion No package python3-devel available. No package python3-pip available. Nothing to do Installing Python package dependencies from PyPi Requirement already up-to-date: pip in /usr/lib/python3.4/site-packages/pip-9.0. 1-py3.4.egg Requirement already up-to-date: setuptools in /usr/lib/python2.7/site-packages Requirement already up-to-date: six in /usr/lib/python2.7/site-packages Ignoring ipaddress: markers 'python_version < "3.3"' don't match your environmen t Requirement already satisfied: advancedhttpserver>=2.0.6 in /usr/lib/python2.7/s ite-packages (from -r requirements.txt (line 3)) Requirement already satisfied: alembic>=0.8.8 in /usr/lib/python2.7/site-package s (from -r requirements.txt (line 4)) Requirement already satisfied: blinker>=1.4 in /usr/lib/python2.7/site-packages (from -r requirements.txt (line 5)) Requirement already satisfied: boltons>=16.5.0 in /usr/lib/python2.7/site-packag es (from -r requirements.txt (line 6)) Requirement already satisfied: dnspython>=1.14.0 in /usr/lib/python2.7/site-pack ages (from -r requirements.txt (line 7)) Requirement already satisfied: geoip2>=2.4.0 in /usr/lib/python2.7/site-packages (from -r requirements.txt (line 8)) Requirement already satisfied: geojson>=1.3.3 in /usr/lib/python2.7/site-package s (from -r requirements.txt (line 9)) Requirement already satisfied: icalendar>=3.10 in /usr/lib/python2.7/site-packag es (from -r requirements.txt (line 10)) Requirement already satisfied: Jinja2>=2.8 in /usr/lib/python2.7/site-packages ( from -r requirements.txt (line 12)) Requirement already satisfied: markupsafe>=0.23 in /usr/lib/python3.4/site-packa ges (from -r requirements.txt (line 13)) Requirement already satisfied: matplotlib>=1.5.3 in /usr/lib64/python3.4/site-pa ckages (from -r requirements.txt (line 14)) Requirement already satisfied: msgpack-python>=0.4.8 in /usr/lib64/python3.4/sit e-packages (from -r requirements.txt (line 15)) Requirement already satisfied: paramiko>=2.0.2 in /usr/lib/python2.7/site-packag es (from -r requirements.txt (line 16)) Requirement already satisfied: pluginbase>=0.4 in /usr/lib/python2.7/site-packag es (from -r requirements.txt (line 17)) Collecting psycopg2>=2.6.2 (from -r requirements.txt (line 18)) Using cached psycopg2-2.6.2.tar.gz Requirement already satisfied: pyotp>=2.2.1 in /usr/lib/python2.7/site-packages (from -r requirements.txt (line 19)) Requirement already satisfied: python-dateutil>=2.5.3 in /usr/lib/python2.7/site -packages (from -r requirements.txt (line 20)) Requirement already satisfied: python-pam>=1.8.2 in /usr/lib/python2.7/site-pack ages (from -r requirements.txt (line 21)) Requirement already satisfied: pytz>=2016.6.1 in /usr/lib/python2.7/site-package s (from -r requirements.txt (line 22)) Collecting PyYAML>=3.12 (from -r requirements.txt (line 23)) Using cached PyYAML-3.12.tar.gz Requirement already satisfied: requests>=2.11.1 in /usr/lib/python2.7/site-packa ges (from -r requirements.txt (line 24)) Requirement already satisfied: six>=1.10.0 in /usr/lib/python2.7/site-packages ( from -r requirements.txt (line 25)) Requirement already satisfied: smoke-zephyr>=1.1.0 in /usr/lib/python2.7/site-pa ckages (from -r requirements.txt (line 26)) Requirement already satisfied: SQLAlchemy>=1.0.15 in /usr/lib/python3.4/site-pac kages (from -r requirements.txt (line 27)) Requirement already satisfied: termcolor>=1.1.0 in /usr/lib/python2.7/site-packa ges (from -r requirements.txt (line 28)) Requirement already satisfied: tzlocal>=1.2.2 in /usr/lib/python2.7/site-package s (from -r requirements.txt (line 29)) Requirement already satisfied: XlsxWriter>=0.9.3 in /usr/lib/python2.7/site-pack ages (from -r requirements.txt (line 30)) Requirement already satisfied: Mako in /usr/lib/python2.7/site-packages (from al embic>=0.8.8->-r requirements.txt (line 4)) Requirement already satisfied: python-editor>=0.3 in /usr/lib/python2.7/site-pac kages (from alembic>=0.8.8->-r requirements.txt (line 4)) Requirement already satisfied: maxminddb>=1.2.1 in /usr/lib/python2.7/site-packa ges (from geoip2>=2.4.0->-r requirements.txt (line 8)) Requirement already satisfied: setuptools in /usr/lib/python2.7/site-packages (f rom geojson>=1.3.3->-r requirements.txt (line 9)) Requirement already satisfied: cycler in /usr/lib/python2.7/site-packages (from matplotlib>=1.5.3->-r requirements.txt (line 14)) Requirement already satisfied: numpy>=1.6 in /usr/lib64/python3.4/site-packages (from matplotlib>=1.5.3->-r requirements.txt (line 14)) Requirement already satisfied: pyparsing!=2.0.0,!=2.0.4,!=2.1.2,>=1.5.6 in /usr/ lib/python2.7/site-packages (from matplotlib>=1.5.3->-r requirements.txt (line 1 4)) Requirement already satisfied: pyasn1>=0.1.7 in /usr/lib/python2.7/site-packages (from paramiko>=2.0.2->-r requirements.txt (line 16)) Collecting cryptography>=1.1 (from paramiko>=2.0.2->-r requirements.txt (line 16 )) Using cached cryptography-1.6.tar.gz Requirement already satisfied: ipaddress in /usr/lib/python2.7/site-packages (fr om maxminddb>=1.2.1->geoip2>=2.4.0->-r requirements.txt (line 8)) Requirement already satisfied: idna>=2.0 in /usr/lib/python2.7/site-packages (fr om cryptography>=1.1->paramiko>=2.0.2->-r requirements.txt (line 16)) Requirement already satisfied: cffi>=1.4.1 in /usr/lib64/python3.4/site-packages (from cryptography>=1.1->paramiko>=2.0.2->-r requirements.txt (line 16)) Requirement already satisfied: pycparser in /usr/lib/python2.7/site-packages (fr om cffi>=1.4.1->cryptography>=1.1->paramiko>=2.0.2->-r requirements.txt (line 16 )) Installing collected packages: psycopg2, PyYAML, cryptography Running setup.py install for psycopg2 ... error Complete output from command /usr/bin/python3 -u -c "import setuptools, toke nize;file='/tmp/pip-build-wbc8zdtb/psycopg2/setup.py';f=getattr(tokenize, 'o pen', open)(file);code=f.read().replace('\r\n', '\n');f.close();exec(compile (code, file, 'exec'))" install --record /tmp/pip-ld24ykke-record/install-rec ord.txt --single-version-externally-managed --compile: running install running build running build_py creating build creating build/lib.linux-x86_64-3.4 creating build/lib.linux-x86_64-3.4/psycopg2 copying lib/tz.py -> build/lib.linux-x86_64-3.4/psycopg2 copying lib/pool.py -> build/lib.linux-x86_64-3.4/psycopg2 copying lib/extras.py -> build/lib.linux-x86_64-3.4/psycopg2 copying lib/extensions.py -> build/lib.linux-x86_64-3.4/psycopg2 copying lib/_range.py -> build/lib.linux-x86_64-3.4/psycopg2 copying lib/init.py -> build/lib.linux-x86_64-3.4/psycopg2 copying lib/psycopg1.py -> build/lib.linux-x86_64-3.4/psycopg2 copying lib/_json.py -> build/lib.linux-x86_64-3.4/psycopg2 copying lib/errorcodes.py -> build/lib.linux-x86_64-3.4/psycopg2 creating build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_errcodes.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/dbapi20.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_bug_gc.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_async.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/testconfig.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_quote.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_extras_dictcursor.py -> build/lib.linux-x86_64-3.4/psycop g2/tests copying tests/test_types_basic.py -> build/lib.linux-x86_64-3.4/psycopg2/tes ts copying tests/test_transaction.py -> build/lib.linux-x86_64-3.4/psycopg2/tes ts copying tests/test_cancel.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_dates.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_lobject.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/dbapi20_tpc.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_copy.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_types_extras.py -> build/lib.linux-x86_64-3.4/psycopg2/te sts copying tests/test_psycopg2_dbapi20.py -> build/lib.linux-x86_64-3.4/psycopg 2/tests copying tests/test_module.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/init.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_green.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/testutils.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_with.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_cursor.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_connection.py -> build/lib.linux-x86_64-3.4/psycopg2/test s copying tests/test_notify.py -> build/lib.linux-x86_64-3.4/psycopg2/tests copying tests/test_bugX000.py -> build/lib.linux-x86_64-3.4/psycopg2/tests Skipping optional fixer: buffer Skipping optional fixer: idioms Skipping optional fixer: set_literal Skipping optional fixer: ws_comma running build_ext building 'psycopg2._psycopg' extension creating build/temp.linux-x86_64-3.4 creating build/temp.linux-x86_64-3.4/psycopg gcc -pthread -Wno-unused-result -DDYNAMIC_ANNOTATIONS_ENABLED=1 -DNDEBUG -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong -- param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -D_GNU_SOURCE -fPIC -fwrapv -fPIC -DPSYCOPG_DEFAULT_PYDATETIME=1 -DPSYCOPG_VERSION="2.6.2 (dt dec pq3 ext)" -DPG_VERSION_HEX=0x09020F -I/usr/include/python3.4m -I. -I/usr/inc lude -I/usr/include/pgsql/server -c psycopg/psycopgmodule.c -o build/temp.linux- x86_64-3.4/psycopg/psycopgmodule.o -Wdeclaration-after-statement In file included from psycopg/psycopgmodule.c:27:0: ./psycopg/psycopg.h:30:20: fatal error: Python.h: No such file or directory #include <Python.h> ^ compilation terminated. error: command 'gcc' failed with exit status 1


    Command "/usr/bin/python3 -u -c "import setuptools, tokenize;file='/tmp/pip- build-wbc8zdtb/psycopg2/setup.py';f=getattr(tokenize, 'open', open)(file);co de=f.read().replace('\r\n', '\n');f.close();exec(compile(code, file, 'exec') )" install --record /tmp/pip-ld24ykke-record/install-record.txt --single-version -externally-managed --compile" failed with error code 1 in /tmp/pip-build-wbc8zd tb/psycopg2/ Failed to install python requirements with pip [[email protected] king-phisher]#

    bug install 
    opened by Ben3Othman 23
  • Getting this error trying to install and it is causing issues when am trying to start ./KingPhisher

    Getting this error trying to install and it is causing issues when am trying to start ./KingPhisher

    Issue Description

    I experience an issue when I... and the results I expected are...

    Reproduction Steps

    1. Start King Phisher
    2. Do something to trigger the crash

    Environment Details

    Host OS: Ubuntu 18.04 GNOME, Kali 2, etc. King Phisher Version: x.y.z

    Error Details / Stack Trace

    If you are opening an issue regarding the client, copy text from the "Error
    Details" of the error dialog in the client here. If you are opening an issue
    regarding the server copy the relevant lines from the logs here.
    
    opened by carlsmallzz 0
  • King Phisher Issue

    King Phisher Issue

    I am having issues installing king-phisher on my kali linux vm. I have followed a few different guides now and I have run into this issue after finding the securestate installation guide. I cant seem to launch king-phisher as it says its missing .venv files and pipenv. I have tried to fix the pipenv issue but no luck. Someone please help! Reproduction Steps

    1. Start King Phisher
    2. Can't even launch King Phisher

    Environment Details

    Host OS: Kali 2 King Phisher (newest)

    Error Details / Stack Trace

    KingPhisherhelp

    opened by CryptoShoe 2
  • Installation on fresh Kali VM

    Installation on fresh Kali VM

    I tried to install King-Phisher on Kali, Ubuntu, and Debian - all fresh and fully updated.

    I can't get anywhere. Multiple issues across the board, mainly related to either database initialization errors or pipenv environment issues (can't create virtual enviornment)

    Highly frustrated, I've literally spent all day. I've followed the guide a few time over, I've followed other guides, I get 'partially' installed but can't connect to the server, the postgresql database sometimes has the king_phisher database and user, sometimes it does not, I've verified the database password. Forum searches, re-installations... Just can't get anywhere.

    opened by Klye-Git 1
  • failed to install the pipenv

    failed to install the pipenv

    hello, after following the instructions in the INSTALL.md and when i prompt sudo ./KingPhisher server_config.yml i encounter this error "failed to install the pipenv environment" i tried looking every solution on google and youtube still not being able to fix it

    i tried running pipenv install in cmd i encountered this error "FileNotFoundError: [Errno 2] No such file or directory: '/home/hannzo/.local/share/virtualenvs/king-phisher-RbupqVtz/bin/python' "

    please reply asap thanks !

    opened by Hanzo96 0
  • unable to start the prgram

    unable to start the prgram

    Issue Description

    I experience an issue when I... and the results I expected are...

    Reproduction Steps

    1. Start King Phisher
    2. Do something to trigger the crash

    Environment Details

    Host OS: Ubuntu 18.04 GNOME, Kali 2, etc. King Phisher Version: x.y.z

    Error Details / Stack Trace

    If you are opening an issue regarding the client, copy text from the "Error
    Details" of the error dialog in the client here. If you are opening an issue
    regarding the server copy the relevant lines from the logs here.
    
    opened by mechanic1982 0
Releases(v1.15.0)
  • v1.15.0(Sep 24, 2019)

    • Add support to select visible columns for tables in the Campaign tab
    • Add support for printing pipenv running output in real time
    • Windows build will now install PyPI requirements for plugins during installation
    • Multiple bug fixes

    MSI Build Hashes:

    md5: 7b31e812bbb5cff462d8fc6c1ab147b4
    sha1: ae460a46b985a55c9e704006dee12341acd00858
    sha512: 9edff03aeb4755780f6f7c0b8fc926e80e1495b996e42d7a0572ecb63d42e2c0de17d597c26e3d8106b22e7e7703bf51ab034c95b38933a603b593641bae992f
    
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.15.0-win32.msi(486.05 MB)
  • v1.14.0(Aug 1, 2019)

    • Added the Message-ID MIME header to outgoing messages
    • Attempt SSH authentication with all agent-provided SSH keys
    • Deleted Pipfile.lock from repository to prevent hash issues between python interpreter versions
    • Add --three to pipenv install and pipenv --update startup procedures to force use of Python 3
    • Added server support for installing missing plugin requirements during initialization
    • Added asynchronous RPC methods to the client
    • Added GraphQL and database schema documentation
    • Changed Target URL to Web Server URL in Campaign Editor
    • Added the ability issue SSL Certificates through certbot

    MSI Build Hashes:

    md5: 1738e4b4fe8c5e4c758a8af60a87ff8d
    sha1: c18702d782bb8ff37b88d3f2dc63d210b993555b
    sha512: 11f803e4f3fed93a0edc0f8a1ec49c6eb9e10a9a663af24ebb3831a345b63fb6
    
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.14.0-win32.msi(482.91 MB)
  • v1.13.1(Apr 19, 2019)

    • Fixed broken references to start_process
    • Fixed a KeyError when creating a campaign for the first time (see: #365)
    • Updated SQLAlchemy and Jinja2 libraries for security patches

    MSI Build Hashes:

    md5: f9e53a0b282a06d2838557caf848a94d
    sha1: bb81992c45b6dda9bd41f30f0e5222f965f1686b
    sha512: 312a9a3e7b0765a0db439babf50460e1b30a2765189230f3d72a9c3dd67081e57e9d5525d38267c0790bcb7a8f630fb6e82adaa09fb5318f57380795df384b4e
    
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.13.1-win32.msi(479.30 MB)
  • v1.13.0(Apr 4, 2019)

    • Added support for logging MFA tokens with credentials
    • Added support for using regular expressions to validate credentials
    • Automatically try to install plugin dependencies with pip from PyPi
    • Added advanced, rule-based filtering support to the Campaign tabs
    • Added site template metadata
      • Site templates can now include a metadata file for describing their content
      • The Campaign Assistant will help select a target URL based on available templates

    MSI Build Hashes:

    md5: 08ee0dad5a668a9908370f2d24126080
    sha1: 7458c504e9766ae6491b22c40dfd2f6faa361111
    sha512: bb2f864cfb31f797c4582127f49ee00b4a06730dbd89668e76bcbcdad75cc87e
    
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.13.0-win32.msi(475.39 MB)
  • v1.12.0(Nov 7, 2018)

    • Added support for users to set their email address for campaign alerts via email
    • Added additional plugin metadata fields for reference URLs and category classifiers
    • Added additional documentation including an architecture overview for reference
    • Multiple improvements to the client plugin manager
      • There is now an option to update plugins in the menu
      • Plugins can ship with dedicated documentation in markdown files that will be displayed
      • The GUI no longer locks up while tasks like downloading plugins are taking place
    • Added the new fetch Jinja function and fromjson Jinja filter
    • Added campaign-alert-expired and campaign-expired server signals
    • Switched to using Pipenv to manage the environment and dependencies

    MSI Build Hashes:

    md5: fe86670b43eae41f5a1ad3d25eb131ed
    sha1: d2d4dc73e682f3bb7c4d51429637bb27b01eba1a
    sha512: 8ca2bd0c4e34ef71a56c930040712b3bda9ee8c3905b6379f3dd193cdaabf706f5408a1a8b241c377eed6f72f71ec0bfd69975856916885092137dc5731a44ea
    
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.12.0-win32.msi(475.07 MB)
  • v1.11.0(Apr 12, 2018)

    • Updated to support matplotlib version 2.2.0
    • Removed docker server support
    • Multiple improvements to the installation script
      • Users can now specify a supported Linux distro when it is not automatically detected
      • The database connection string is kept to avoid PostgreSQL password resets
    • Added support for setting message UID character set options
    • Bumped the required minimum version of Python to 3.4 and GTK to 3.14
    • Update Windows build to use pygi-aio-3.24.1_rev1 PyGObjects
    • Multiple bug fixes.

    MSI Build Hashes:

    md5: d8b584378d573f26d49a68572b955e26
    sha1: 91d98a8ba324a97e9f4c8a3867a1a45a4ef98ee2
    sha512: 26c1d3efa1ca3429e412fc35a658f376e91070f7f9dccd29878091eb189cc529258600dbccee69e276754c541e271dc00807c9e06e774d6e09acd602c6b7e23e
    
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.11.0-win32.msi(438.66 MB)
  • v1.10.0(Mar 16, 2018)

    • Added a campaign-alert server signal for custom alert delivery mechanisms

    • Use GraphQL for loading data instead of the legacy table-based API

    • Support fault-tolerance when dispatching server signals

    • Allow a country code to be set in users' phone numbers

    • Visits will now be tracked if the landing page is any existing type

    • Multiple RPC Terminal improvements

      • Fix a bug regarding line wrapping due to the TERM environment variable
      • Use ipython when it's installed
      • Added %graphql and %graphql_file magic commands
    • Tweaks to the default MIME-encoded HTML message to reduce it's SpamAssassin score

    • Modified client signals to allow better API control

      • Added message-create and target-create for modifying the respective objects
      • Added message-send and target-send to allow skipping the message and target
      • Removed the send-message and send-target signals in favor of the new ones

    MSI Build Hashes:

    md5: d425bd6f40b5989db1384c3bd86cbb43
    sha1: 3880253db0e56d21fae86477ca88f3114d0e0f7a
    sha512: 42102fa1a4f7f89b11ca2aaf0aebb6bfcf50a7cf2a2f02cb72c3d83095ba21fa01d01c7928ee44fed372ee24941d3c3bfac07805d971029e8ecc565786fd9a81
    
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.10.0-win32.msi(407.15 MB)
  • v1.9.0(Nov 22, 2017)

    • Support resetting plugins options to their respective defaults
    • Moved Office 2007+ metadata removal to a new plugin
    • Added support for installing plugins from remote sources through the UI
    • Added timeout support for SPF DNS queries
    • Support for installing on Arch Linux
    • Multiple server improvements
      • Upgrade AdvancedHTTPServer to v2.0.11 to support async SSL handshakes
      • Support using an include directive in the server configuration file
      • Added a request-handle signal for custom HTTP request handlers
      • Removed address support from the server config in favor of addresses
      • Support login as an alias of the username parameter for credentials

    MSI Build Hashes:

    md5: 156b51730e03f0a23c4bb9dc9826d09d
    sha1: f126824cec862ed6431f81f12e5995f0a95c9346
    sha512: e4a4d3ba34d2072345c46904bc7424846044840604619d217798428e1a3ca7193562c84d6838f17157f86ed2861f941dbaa71b73117e47e48566fff33c00d800
    
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.9.0-win32.msi(397.07 MB)
  • v1.8.0(Jun 6, 2017)

    • Warn Python 2.7 user that this is the last release Python 2.7 will be supported
    • The Windows MSI Build is now in Python 3.4
    • Install script now supports Red Hat Server 7
    • Support the client on OS X by using Docker
    • Support for issuing certificates with acme while the server is running
    • Add a wrapping tool for certbot to make the process easier
    • Updated tools/cx_freeze.py to build the King Phisher client in Python 3.4
    • Updated documentation for the Windows build
    • Multiple Bug Fixes, and tweaks to make things run smoother

    MSI Build Hashes:

    md5: 7cd7379597f43015d0f5972821c607c7
    sha1: 3ed770dedd0bfce12b443e2fd1e40e90cf1f54e7
    sha512: 199f81dee0cffb29d5b1d441f798e2271f4bbdf6a11aa618123aa41b14e2d9970b1af3db77a1fefb0cc553ed33def57923e7f9c4d921a8e779c072f6d3b3ff77
    
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.8.0-win32.msi(310.91 MB)
  • v1.7.1(Apr 14, 2017)

    • Bug fix in the Windows build for HTTPS connections from the requests package

    MSI Build Hashes:

    md5: d8d5712e821b4e5fb84ecd8745eba0c5
    sha1: 9501b7f6df8dfdba005e0d49f084e0e37490c7eb
    sha512: 517c93b281b9dc56bf2168e4ace4dae7ab6782457406a9c155a07497b5a6fa4fb6dc650376eb7cddd8cde2b6180af631d67cb0dad1998c2c00d8be16bfd09d02
    
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.7.1-win32.msi(188.24 MB)
  • v1.7.0(Apr 4, 2017)

    • Better error messages for malformed server configuration files
    • Support for sending to targets via To / CC / BCC fields
    • New features for client and server plugins
    • Add comparison of "trained" statistics to the campaign comparison
    • Support for including and importing Jinja templates from relative paths
    • Support for including custom HTTP headers in server responses
    • New feature to import Campaigns from XML files
    • Support for emails address with longer top level domain names

    MSI Build Hashes:

    md5: 6347ab2a70c04f62d17a6e417a222e15
    sha1: a0013415968f4ce2f77519707921093ceef233a7
    sha512: 1b4f102950865c9916206c1cf4697ae2cead1037e6dabca7d845c1b35c97d9fc98fb77da6050bba0d7319561805db720aeaae03c453aa74b79e929727ebf7665
    
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.7.0-win32.msi(187.35 MB)
  • v1.6.0(Jan 31, 2017)

    • Support negotiating STARTTLS with SMTP servers that support it
    • Support for real time event publishing to the client
    • Support for a new GraphQL API for more efficient data queries
    • More flexibility in configuring server logging
    • Add persistent storage for server plugin data
    • Add a Jinja function to check if a password is complex
    • Add client message-data-export and message-data-import signals
    • King Phisher now starts with Python3 by default
    • tools/install.sh now creates a backup of server_config.yml when present
    • Minor bug fixes
      • Minor CSS fixes
      • Special characters now display in the UI correctly

    MSI Build Hashes: md5: 05f0164b3af02ad731871923ecd75f2b sha1: a02e960999a746266db29c7290d993bf86d77425

    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.6.0-win32.msi(184.75 MB)
  • v1.5.2(Dec 23, 2016)

    • Minor bug fixes
      • Use Default SMS sender to fix SMS subscription with T-Mobile
      • Upgrade AHS to v2.0.6 to fix select polling
      • Corrected issue when attachment file is inaccessible
      • Fixed issue when message file directory is gone
      • Fixed server side encoding error with basic auth
      • Fixed TypeError handling while rendering templates
      • Fixed a unicode bug when processing targets csv
      • Fixed install.sh script for CentOS7 and python3
      • Fixed show exception dialog with Glib idle_add
      • Fixed a logic bug causing premature SMTP reconnects
      • Fixed Webkit-1 load_string Null error

    MSI Build Hashes md5: 53471bad68db464cbaea007eda75dd4d sha1: 439a6a8a13b27d0ddefe5d37e316773f452d2731

    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.5.2-win32.msi(184.69 MB)
  • v1.5.1(Oct 3, 2016)

    • Automated installation script improvements
      • Backup an existing server configuration file
      • Log warnings when the PostgreSQL user exists
    • Improve the Metasploit plugin for session notifications via SMS
    • Support exporting credentials for use with Metasploit's USERPASS_FILE option.

    MSI Build Hashes MD5: f155c0130a620d5f27d498aa100cef16 SHA1: 8e37f4c95285de7b5c5bf703e3c2eca7b7c99ec3

    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.5.1-win32.msi(185.10 MB)
  • v1.5.0(Sep 22, 2016)

    • Added an SPF button to the client for on demand SPF record checking
    • Fixed missing packages in the Windows build for timezone data
    • Transitioned to the dnspython package for Python 2.x and 3.x

    MSI Build Hashes MD5: beea200f78b74fefb2356ffda1434435 SHA1: 9248bf1a85bd17fefa2b6bd70551bed82e67f4da

    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.5.0-win32.msi(184.87 MB)
  • v1.4.0(Aug 5, 2016)

    • Added additional Jinja variables for server pages
    • Upgraded to AdvancedHTTPServer version 2
      • Added support for binding to multiple interfaces
      • Added support for multiple SSL hostnames via SNI
    • Support for plugins in the server application
    • Campaign Comparison Tools
    • Added server signals for event subscriptions in plugins
    • Updated the style for GTK 3.20
    • Start to warn users about the impending Python 2.7 deprecation
    • Change to installing for Python 3
    • Added an uninstallation script

    MSI Build Hashes MD5: f7e06eee3b59417b4f032c22bdb051cc SHA1: 81d92ed5abdd43d2e12cfe21c728f433c0a58a64

    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.4.0-win32.msi(183.35 MB)
  • v1.3.0(May 17, 2016)

    • Added automatic setup of PostgreSQL database for the server
    • Server bug fixes when running on non-standard HTTP ports
    • Added completion to the message editor
    • Support for plugins in the client application
    • Added a client plugin to automatically check for updates
    • Added a client plugin to generate anonymous statistics
    • Added debug logging of parameters for key RPC methods
    • Lots of Python 3.x compatibility fixes

    MSI Build Hashes MD5: 4a7f09ef275d661e2d712f78f618d0b1 SHA-1: b6bf502eba9a2cec4efa0b02b8c80676092d99b1

    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.3.0-win32.msi(180.84 MB)
  • v1.2.0(Mar 18, 2016)

  • v1.1.0(Dec 31, 2015)

    • Added an option to send a message to a single target
    • Support for sending calendar invite messages
    • Added PostgreSQL setup to the installer
    • Support for exporting to Excel
    • Added a Jupyter notebook for interactive data analysis
    • Added additional campaign filtering options
    • Support for removal of metadata from Microsoft Office 2007+ documents

    MSI Build Hashes MD5: 227b80125d63b25cbeb69542bff8aad3 SHA-1: 9dc0edb115c5b21682b9db5bc2ffb6448231943d

    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.1.0-win32.msi(174.51 MB)
  • v1.0.0(Oct 15, 2015)

    • Moved templates to a dedicated separate repository
    • Added a custom theme for the client
    • Added support for two factor authentication with TOTP
    • Support for specifying an img style attribute for inline images in messages

    MSI Build Hashes MD5: eaefe53b2358a33e8125b84284c2df9d SHA-1: 5a45657d3c09f72d45307e83df921229fa137298

    Source code(tar.gz)
    Source code(zip)
    KingPhisher-1.0.0-win32.msi(188.55 MB)
  • v0.3.0(Aug 21, 2015)

    Note: This is the final release of the pre-1.0.0 version of King Phisher and is not compatible with the server version 1.0.0-beta and newer. New users installing King Phisher must make sure to use the v0.3.0 version of the server if the Windows client needs to be compatible. This can be accomplished by using git to checkout the v0.3.0 tag (git checkout v0.3.0) or downloading the source archive and then following the installation instructions as usual.

    • Added a new campaign creation assistant
    • Support for expiring campaigns at a specified time
    • Track more details when messages are opened such as the IP address and User Agent
    • Support for tagging campaign types
    • Support for organizing campaigns by companies
    • Support for storing email recipients department name
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-0.3.0-win32.msi(169.61 MB)
  • v0.2.1(Jul 14, 2015)

    • Added syntax highlighting to the message edit tab
    • Technical documentation improvements, including documenting the REST API
    • Support reloading message templates when they change from an external editor
    • Support for pulling the client IP from a cookie set by an upstream proxy
    • Support for embedding training videos from YouTube
    • Added a Metasploit plugin for using the REST API to send SMS messages
    • Support for exporting visit information to GeoJSON
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-0.2.1-win32.msi(169.71 MB)
  • v0.2.0(Apr 28, 2015)

  • v0.1.7(Feb 20, 2015)

    • Added make_csrf_page function
    • Added server support for SSL
    • Support verifying the server configuration file
    • Added a desktop file and icon for the client GUI
    • Added support for operating on multiple rows in the client's campaign tables
    • Support starting an external SFTP application from the client
    • Tweaked miscellaneous features to scale for larger campaigns (35k+ messages)
    • Updated AdvancedHTTPServer to version 0.4.2 which supports Python 3
    • Added integration for checking Sender Policy Framework (SPF) records
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-0.1.7-win32.msi(53.23 MB)
  • v0.1.6(Nov 3, 2014)

    • Migrated to SQLAlchemy backend (SQLite will no longer be supported for database upgrades)
      • Added support for PostgreSQL as a DBMS backend
    • Added additional documentation to the wiki
    • Enhanced error handling and UI documentation for a better user experience
    • Support for quickly adding common dates and times in the message editor
    Source code(tar.gz)
    Source code(zip)
    KingPhisher-0.1.6-win32.msi(54.88 MB)
  • v0.1.5(Sep 29, 2014)

  • v0.1.4(Sep 4, 2014)

  • v0.1.3(Jun 4, 2014)

Owner
RSM US LLP
RSM US LLP
PKUAutoElective for 2021 spring semester

PKUAutoElective 2021 Spring Version Update at Mar 7 15:28 (UTC+8): 修改了 get_supplement 的 API 参数,已经可以实现课程列表页面的正常跳转,请更新至最新 commit 版本 本项目基于 PKUAutoElectiv

Zihan Mao 84 Sep 09, 2022
A simple linux keylogger project.

The project This project is a simple linux keylogger. When activated, it registers all the actions made with the keyboard. The log files are registere

1 Oct 24, 2021
Python exploit code for CVE-2021-4034 (pwnkit)

Python3 code to exploit CVE-2021-4034 (PWNKIT). This was an exercise in "can I make this work in Python?", and not meant as a robust exploit. It Works

Joe Ammond 92 Dec 29, 2022
On the 11/11/21 the apache 2.4.49-2.4.50 remote command execution POC has been published online and this is a loader so that you can mass exploit servers using this.

ApacheRCE ApacheRCE is a small little python script that will allow you to input the apache version 2.4.49-2.4.50 and then input a list of ip addresse

3 Dec 04, 2022
PyFUD - Fully Undetectable payload generator for metasploit

PyFUD fully Undetectable payload generator for metasploit Usage: pyfud.py --host

3 Mar 25, 2022
Utility for Extracting all passwords from ConnectWise Automate

CWA Password Extractor Utility for Extracting all passwords from ConnectWise Automate (E.g. while migrating to a new system). Outputs a csv file with

Matthew Kyles 1 Dec 09, 2021
Mass Shortlink Bypass Merupakan Tools Yang Akan Bypass Shortlink Ke Tujuan Asli, Dibuat Dengan Python 3

Shortlink-Bypass Mass Shortlink Bypass Merupakan Tools Yang Akan Bypass Shortlink Ke Tujuan Asli, Dibuat Dengan Python 3 Support Shortlink tii.ai/tei.

Wan Naz ID 6 Oct 24, 2022
IDA Pro Python plugin to analyze and annotate Linux kernel alternatives

About This is an IDA Pro (Interactive Disassembler) plugin allowing to automatically analyze and annotate Linux kernel alternatives (content of .altin

Open Source Security, Inc. 16 Oct 12, 2022
If you are worried about being found perhaps try taking cover under a blanket. Pure Python PowerShell Obfuscator

If you are worried about being found perhaps try taking cover under a blanket. Pure Python PowerShell Obfuscator

Ph0tonz 3 Jun 07, 2022
Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules

About: Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux an

Ayoub 861 Feb 18, 2021
Python & JavaScript Obfuscator made in Python 3.

Python Code Obfuscator A script that converts code into full on random numerical expressions. Simple Scripts: Python Mode... Input: Function that deco

rzx. 1 Dec 29, 2021
Fuck - Multi Brute Force 🚶‍♂

f-mbf Fuck - Multi Brute Force 🚶‍♂ Install Script $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ pip2 install requests $ pip2

Yumasaa 1 Dec 03, 2021
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE

CVE-2021-22005 - VMWare vCenter Server File Upload to RCE Analyze Usage ------------------------------------------------------------- [*] CVE-2021-220

r0cky 224 Aug 05, 2022
Exploiting CVE-2021-42278 and CVE-2021-42287

noPac Exploiting CVE-2021-42278 and CVE-2021-42287 原项目noPac在实现上可能有点问题,导致在本地没有打通,于是参考sam-the-admin项目进行修改。 使用 pip3 install -r requirements.txt # GetShel

W4ter 2 Jun 23, 2022
This repo created for bypassing Widevine L3 DRM and obtaining keys.

First run: Copy headers (with cookies) of POST license request from browser to headers.py like dictionary. pip install -r requirements.txt # if doesn'

Mikhail 263 Jan 07, 2023
Small Python library that adds password hashing methods to ORM objects

Password Mixin Mixin that adds some useful methods to ORM objects Compatible with Python 3.5 = 3.9 Install pip install password-mixin Setup first cre

Joe Gasewicz 5 Nov 22, 2022
Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.

springcore-0day-en These are all my notes from the alleged confirmed! 0day dropped on 2022-03-29. This vulnerability is commonly referred to as "Sprin

Chris Partridge 105 Nov 26, 2022
A DOM-based G-Suite password sprayer and user enumerator

A DOM-based G-Suite password sprayer and user enumerator

Mayk 1 Apr 07, 2022
Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more.

Log4jHorizon Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. BLOG COMING SOON Code and README.md this time around are

96 Dec 14, 2022
PreviewGram is for users that wants get a more private experience with the Telegram's Channel.

PreviewGram is for users that wants get a more private experience with the Telegram's Channel.

1 Sep 25, 2022