How to Configure and Install GoPhish on an Ubuntu or Linux Server

GoPhish is an open-source phishing toolkit designed to make simulation campaigns simple and efficient. This guide walks you through setting up GoPhish on a Linux server with a Let's Encrypt TLS certificate, so that both the admin dashboard and the phishing landing pages are served over HTTPS.


Prerequisites

Before proceeding, ensure the following:

  • You have a registered domain name.
  • The domain is pointed to your server’s IP address (Step 0).
  • Ports 80 and 443 on the server are reachable from the internet (Certbot’s standalone challenge uses 80, the phishing listener uses 443), so open them in any cloud or host firewall.
  • Access to a Linux server with sudo privileges.
  • Basic knowledge of Linux command-line operations.

Step 0: Point Domain to Server IP

  1. Log in to your domain registrar’s dashboard.
  2. Navigate to the DNS settings.
  3. Create an A record pointing your domain (e.g., phish.yourdomain.com) to your server’s public IP address.

Allow some time for DNS propagation. The certificate request in Step 5 fails until the name resolves to this server, so confirm the record before continuing.


Step 1: Download GoPhish for Linux

  1. Visit the GoPhish GitHub Releases page.
  2. Identify the latest release, find the Linux 64-bit .zip asset and copy its download link.
  3. SSH into your server and run the following command:
    wget <gophish_download_link>
    
    Replace <gophish_download_link> with the link you copied.

Step 2: Extract the GoPhish Archive

  1. Extract the downloaded .zip file into its own directory (install the unzip package first if it is missing). The release archive has no top-level folder, so unzipping it in place would scatter the binary, config.json and the static/templates/db directories across your current directory:
    unzip gophish-v*.zip -d gophish
    
  2. Navigate into the extracted directory:
    cd gophish
    

Step 3: Change Permissions

Ensure the GoPhish binary is executable:

chmod +x gophish

Step 4: Install Certbot

Certbot obtains and renews certificates from Let's Encrypt. Install it using:

sudo apt update
sudo apt install certbot -y

Step 5: Obtain SSL Certificates

Run the following command to obtain a certificate for your domain. In standalone mode Certbot starts its own temporary web server on port 80 to answer the Let's Encrypt challenge, so port 80 must be open in your firewall and not in use by another service while the command runs:

sudo certbot certonly --standalone -d phish.yourdomain.com

Follow the prompts (contact e-mail, terms of service) to complete the process.

Certbot will generate two files that GoPhish needs:

  • fullchain.pem (the server certificate followed by the intermediate chain)
  • privkey.pem (the private key)

Note: Certbot stores these files in /etc/letsencrypt/live/<yourdomain>/ as symlinks into /etc/letsencrypt/archive/. Both directories are readable by root only, which is one reason GoPhish is started with sudo in Step 9. The certificate is valid for 90 days; the certbot package installs a systemd timer that renews it automatically, but GoPhish only reads the certificate when it starts, so restart it after each renewal.


Step 6: Note SSL Key and Certificate Paths

Take note of the paths to the fullchain.pem and privkey.pem files. You’ll need these later.


Step 7: Edit the GoPhish Configuration

  1. Open the config.json file in a text editor:

    nano config.json
    
  2. Update the configuration as follows:

    • Admin dashboard TLS: in the admin_server section set use_tls to true and point cert_path and key_path at your fullchain.pem and privkey.pem.
    • Phishing server TLS: do the same in the phish_server section.
    • Leave the remaining keys (db_name, db_path, migrations_prefix, contact_address, logging) as they are.

    The admin_server listen_url defaults to 127.0.0.1:3333, which keeps the dashboard off the public interface. The example below binds it to 0.0.0.0:3333 so it can be reached at https://phish.yourdomain.com:3333; if you do that, restrict port 3333 in your firewall to your own address, or keep the loopback address and reach the dashboard through an SSH port forward instead.

    Example:

    {
        "admin_server": {
            "listen_url": "0.0.0.0:3333",
            "use_tls": true,
            "cert_path": "/etc/letsencrypt/live/phish.yourdomain.com/fullchain.pem",
            "key_path": "/etc/letsencrypt/live/phish.yourdomain.com/privkey.pem"
        },
        "phish_server": {
            "listen_url": "0.0.0.0:443",
            "use_tls": true,
            "cert_path": "/etc/letsencrypt/live/phish.yourdomain.com/fullchain.pem",
            "key_path": "/etc/letsencrypt/live/phish.yourdomain.com/privkey.pem"
        },
        "db_name": "sqlite3",
        "db_path": "gophish.db",
        "migrations_prefix": "db/db_",
        "contact_address": "",
        "logging": {
            "filename": "",
            "level": ""
        }
    }
    

Step 8: Change Listener Port to 443

Ensure the phish_server section’s listen_url is set to 0.0.0.0:443 and use_tls to true (the shipped defaults are 0.0.0.0:80 and false), so that the links in your phishing e-mails are served over HTTPS.

Save and exit the file:

CTRL+O, ENTER, CTRL+X

Step 9: Start GoPhish

Start GoPhish by running:

sudo ./gophish

sudo is needed because binding port 443 and reading the private key under /etc/letsencrypt both require root. The startup log should show the admin server listening on :3333 and the phishing server on :443. On the very first start GoPhish also creates the admin account and prints a randomly generated password in the log; note it down, it is only shown once. Run this way, GoPhish stops when your SSH session ends, so for anything beyond a quick test run it under a terminal multiplexer or as a system service.


Accessing GoPhish

  1. Open your browser and navigate to https://phish.yourdomain.com:3333. If you kept the admin server on 127.0.0.1 instead, forward port 3333 over SSH and browse to https://localhost:3333; the certificate name will not match in that case, which is expected.
  2. Log in as admin with the password printed in the startup log. Older releases shipped the fixed default admin:gophish; current releases generate a random password on first start and prompt you to change it at first login.
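
Steps 1 to 9 above, gathered into one script. This is an added example, not part of the original guide or of the GoPhish project. Beyond what the guide states it assumes an install directory of /opt/gophish, a systemd unit named gophish, that ss, wget and unzip are available, and it binds the admin dashboard to 127.0.0.1 unless told otherwise (the guide binds it to 0.0.0.0). The port checks run before anything is installed so that a busy port 80 or 443 is caught up front rather than halfway through.

```shell
#!/bin/sh
# gophish-setup.sh (added example, not GoPhish project code). Run as root:
#   sudo ./gophish-setup.sh phish.yourdomain.com <gophish_download_link>
# Assumed here, not by the guide: install dir /opt/gophish, unit name
# "gophish", and ss/wget/unzip being present on the host.
set -eu

INSTALL_DIR="${INSTALL_DIR:-/opt/gophish}"

# Return 0 if nothing is listening on the given TCP port. certbot --standalone
# needs :80 and the phishing listener needs :443.
port_free() {
    ! ss -ltn "sport = :$1" | grep -q LISTEN
}

# Extract the release zip into its own directory: the archive has no top-level
# folder, so unzipping in place would scatter its files in the current dir.
extract_release() {
    zip_file=$1; dest=$2
    mkdir -p "$dest"
    unzip -q -o "$zip_file" -d "$dest"
    chmod +x "$dest/gophish"
}

# Write config.json for the given domain. The admin dashboard is bound to
# loopback by default (reach it over an SSH tunnel); pass 0.0.0.0:3333 as the
# third argument to expose it on the public interface as the guide does.
render_config() {
    dest=$1; domain=$2; admin_bind=${3:-127.0.0.1:3333}
    live="/etc/letsencrypt/live/$domain"
    cat > "$dest/config.json" <<EOF
{
    "admin_server": {
        "listen_url": "$admin_bind",
        "use_tls": true,
        "cert_path": "$live/fullchain.pem",
        "key_path": "$live/privkey.pem"
    },
    "phish_server": {
        "listen_url": "0.0.0.0:443",
        "use_tls": true,
        "cert_path": "$live/fullchain.pem",
        "key_path": "$live/privkey.pem"
    },
    "db_name": "sqlite3",
    "db_path": "gophish.db",
    "migrations_prefix": "db/db_",
    "contact_address": "",
    "logging": { "filename": "", "level": "" }
}
EOF
}

# systemd unit so GoPhish outlives the SSH session and comes back after a
# reboot (the guide runs ./gophish in the foreground instead).
install_service() {
    dest=$1
    cat > /etc/systemd/system/gophish.service <<EOF
[Unit]
Description=GoPhish phishing simulation server
After=network-online.target

[Service]
WorkingDirectory=$dest
ExecStart=$dest/gophish
Restart=on-failure

[Install]
WantedBy=multi-user.target
EOF
    systemctl daemon-reload
    systemctl enable --now gophish
}

main() {
    domain=$1; release_url=$2
    port_free 80  || { echo "port 80 is busy; certbot --standalone needs it" >&2; exit 1; }
    port_free 443 || { echo "port 443 is busy; the phishing listener needs it" >&2; exit 1; }
    apt-get update -qq && apt-get install -y -qq unzip certbot
    wget -q -O /tmp/gophish.zip "$release_url"
    extract_release /tmp/gophish.zip "$INSTALL_DIR"
    # Non-interactive issuance (use -m <address> instead of the no-email flag to
    # get expiry notices). GoPhish only reads the certificate at start-up, so
    # the deploy hook restarts it after every renewal; "|| true" keeps the hook
    # harmless on this first run, when the unit does not exist yet.
    certbot certonly --standalone -n --agree-tos --register-unsafely-without-email \
        -d "$domain" --deploy-hook "systemctl try-restart gophish || true"
    render_config "$INSTALL_DIR" "$domain"
    install_service "$INSTALL_DIR"
    echo "started; the one-time admin password is in: journalctl -u gophish"
}

# Run the full procedure only when both arguments are given, so the file can
# also be sourced and its functions used one step at a time.
if [ $# -ge 2 ]; then
    main "$1" "$2"
fi
```

With the default loopback binding, reach the dashboard from your workstation with `ssh -L 3333:127.0.0.1:3333 user@phish.yourdomain.com` and then browse to https://localhost:3333; the hostname mismatch warning is expected there, since the certificate is for the phishing domain.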

Conclusion

You’ve successfully configured GoPhish on your Linux server with a trusted TLS certificate. You’re now ready to run phishing simulations over HTTPS. Make sure you have written authorization from the organization whose users you are testing and that every campaign stays within its agreed rules of engagement.
