Documentation ¶
Overview ¶
Package controllers is responsible for setting up the routing and controllers (http.Handlers) for gophish.
Index ¶
- Constants
- Variables
- func API_Auth_LAK(w http.ResponseWriter, r *http.Request)
- func API_Campaign_Id_Summary(w http.ResponseWriter, r *http.Request)
- func API_Campaigns(w http.ResponseWriter, r *http.Request)
- func API_Campaigns_Id(w http.ResponseWriter, r *http.Request)
- func API_Campaigns_Id_Complete(w http.ResponseWriter, r *http.Request)
- func API_Campaigns_Id_Results(w http.ResponseWriter, r *http.Request)
- func API_Campaigns_Summary(w http.ResponseWriter, r *http.Request)
- func API_Groups(w http.ResponseWriter, r *http.Request)
- func API_Groups_Id(w http.ResponseWriter, r *http.Request)
- func API_Groups_Id_LMS(w http.ResponseWriter, r *http.Request)
- func API_Groups_Id_LMS_Jobs_Id(w http.ResponseWriter, r *http.Request)
- func API_Groups_Id_Summary(w http.ResponseWriter, r *http.Request)
- func API_Groups_Summary(w http.ResponseWriter, r *http.Request)
- func API_Import_Email(w http.ResponseWriter, r *http.Request)
- func API_Import_Group(w http.ResponseWriter, r *http.Request)
- func API_Import_Site(w http.ResponseWriter, r *http.Request)
- func API_Pages(w http.ResponseWriter, r *http.Request)
- func API_Pages_Id(w http.ResponseWriter, r *http.Request)
- func API_Pages_Id_Preview(w http.ResponseWriter, r *http.Request)
- func API_PhishAlarm(w http.ResponseWriter, r *http.Request)
- func API_Plans(w http.ResponseWriter, r *http.Request)
- func API_Reset(w http.ResponseWriter, r *http.Request)
- func API_Roles(w http.ResponseWriter, r *http.Request)
- func API_Roles_Id(w http.ResponseWriter, r *http.Request)
- func API_SMTP(w http.ResponseWriter, r *http.Request)
- func API_SMTP_Id(w http.ResponseWriter, r *http.Request)
- func API_SMTP_domains(w http.ResponseWriter, r *http.Request)
- func API_Send_Test_Email(w http.ResponseWriter, r *http.Request)
- func API_Subscription(w http.ResponseWriter, r *http.Request)
- func API_Subscriptions(w http.ResponseWriter, r *http.Request)
- func API_Tags(w http.ResponseWriter, r *http.Request)
- func API_Tags_Single(w http.ResponseWriter, r *http.Request)
- func API_Templates(w http.ResponseWriter, r *http.Request)
- func API_Templates_Id(w http.ResponseWriter, r *http.Request)
- func API_Templates_Id_Preview(w http.ResponseWriter, r *http.Request)
- func API_User(w http.ResponseWriter, r *http.Request)
- func API_UserSync(w http.ResponseWriter, r *http.Request)
- func API_User_ByRole(w http.ResponseWriter, r *http.Request)
- func API_Users(w http.ResponseWriter, r *http.Request)
- func API_Users_Id(w http.ResponseWriter, r *http.Request)
- func API_Users_Id_ResetPassword(w http.ResponseWriter, r *http.Request)
- func Avatar(w http.ResponseWriter, r *http.Request)
- func Avatars_Id(w http.ResponseWriter, r *http.Request)
- func Base(w http.ResponseWriter, r *http.Request)
- func CampaignID(w http.ResponseWriter, r *http.Request)
- func Campaigns(w http.ResponseWriter, r *http.Request)
- func Clone(w http.ResponseWriter, r *http.Request)
- func CreateAdminRouter() http.Handler
- func CreatePhishingRouter() http.Handler
- func Flash(w http.ResponseWriter, r *http.Request, t string, m string)
- func JSONResponse(w http.ResponseWriter, d interface{}, c int)
- func LandingPages(w http.ResponseWriter, r *http.Request)
- func LoggableJSONResponse(w http.ResponseWriter, d interface{}, c int, tag string)
- func Login(w http.ResponseWriter, r *http.Request)
- func Logo(w http.ResponseWriter, r *http.Request)
- func Logout(w http.ResponseWriter, r *http.Request)
- func People(w http.ResponseWriter, r *http.Request)
- func PhishHandler(w http.ResponseWriter, r *http.Request)
- func PhishReporter(w http.ResponseWriter, r *http.Request)
- func PhishTracker(w http.ResponseWriter, r *http.Request)
- func PhishingCategories(w http.ResponseWriter, r *http.Request)
- func Preview(w http.ResponseWriter, r *http.Request)
- func Register(w http.ResponseWriter, r *http.Request)
- func RobotsHandler(w http.ResponseWriter, r *http.Request)
- func Roles(w http.ResponseWriter, r *http.Request)
- func SSO_Login(w http.ResponseWriter, r *http.Request)
- func SendingDomains(w http.ResponseWriter, r *http.Request)
- func SendingProfiles(w http.ResponseWriter, r *http.Request)
- func SetWorker(w *worker.Worker)
- func Settings(w http.ResponseWriter, r *http.Request)
- func Templates(w http.ResponseWriter, r *http.Request)
- func TransparencyHandler(w http.ResponseWriter, r *http.Request)
- func Use(handler http.HandlerFunc, mid ...func(http.Handler) http.HandlerFunc) http.HandlerFunc
- func Users(w http.ResponseWriter, r *http.Request)
- type TransparencyResponse
- type UnindexedFileSystem
Constants ¶
const TransparencySuffix = "+"
TransparencySuffix (when appended to a valid result ID), will cause Gophish to return a transparency response.
Variables ¶
var ErrCampaignComplete = errors.New("Event received on completed campaign")
ErrCampaignComplete is thrown when an event is received for a campaign that has already been marked as complete.
var ErrInvalidRequest = errors.New("Invalid request")
ErrInvalidRequest is thrown when a request with an invalid structure is received
var Worker *worker.Worker
Worker is the worker that processes phishing events and updates campaigns.
Functions ¶
func API_Auth_LAK ¶
func API_Auth_LAK(w http.ResponseWriter, r *http.Request)
API_Auth_LAK handles generation of limited access keys
func API_Campaign_Id_Summary ¶
func API_Campaign_Id_Summary(w http.ResponseWriter, r *http.Request)
API_Campaigns_Id_Summary returns just the summary for a given campaign.
func API_Campaigns ¶
func API_Campaigns(w http.ResponseWriter, r *http.Request)
API_Campaigns returns a list of campaigns if requested via GET. If requested via POST, API_Campaigns creates a new campaign and returns a reference to it.
func API_Campaigns_Id ¶
func API_Campaigns_Id(w http.ResponseWriter, r *http.Request)
API_Campaigns_Id returns details about the requested campaign. If the campaign is not valid, API_Campaigns_Id returns null.
func API_Campaigns_Id_Complete ¶
func API_Campaigns_Id_Complete(w http.ResponseWriter, r *http.Request)
API_Campaigns_Id_Complete effectively "ends" a campaign. Future phishing emails clicked will return a simple "404" page.
func API_Campaigns_Id_Results ¶
func API_Campaigns_Id_Results(w http.ResponseWriter, r *http.Request)
API_Campaigns_Id_Results returns just the results for a given campaign to significantly reduce the information returned.
func API_Campaigns_Summary ¶
func API_Campaigns_Summary(w http.ResponseWriter, r *http.Request)
API_Campaigns_Summary returns the summary for the current user's campaigns
func API_Groups ¶
func API_Groups(w http.ResponseWriter, r *http.Request)
API_Groups returns a list of groups if requested via GET. If requested via POST, API_Groups creates a new group and returns a reference to it.
func API_Groups_Id ¶
func API_Groups_Id(w http.ResponseWriter, r *http.Request)
API_Groups_Id returns details about the requested group. If the group is not valid, API_Groups_Id returns null.
func API_Groups_Id_LMS ¶
func API_Groups_Id_LMS(w http.ResponseWriter, r *http.Request)
API_Groups_Id_LMS handles creation and removal of LMS users
func API_Groups_Id_LMS_Jobs_Id ¶
func API_Groups_Id_LMS_Jobs_Id(w http.ResponseWriter, r *http.Request)
API_Groups_Id_LMS_Jobs_Id provides info on LMS user creation job status
func API_Groups_Id_Summary ¶
func API_Groups_Id_Summary(w http.ResponseWriter, r *http.Request)
API_Groups_Id_Summary returns a summary of the groups owned by the current user.
func API_Groups_Summary ¶
func API_Groups_Summary(w http.ResponseWriter, r *http.Request)
API_Groups_Summary returns a summary of the groups owned by the current user.
func API_Import_Email ¶
func API_Import_Email(w http.ResponseWriter, r *http.Request)
API_Import_Email allows for the importing of email. Returns a Message object
func API_Import_Group ¶
func API_Import_Group(w http.ResponseWriter, r *http.Request)
API_Import_Group imports a CSV of group members
func API_Import_Site ¶
func API_Import_Site(w http.ResponseWriter, r *http.Request)
API_Import_Site allows for the importing of HTML from a website Without "include_resources" set, it will merely place a "base" tag so that all resources can be loaded relative to the given URL.
func API_Pages ¶
func API_Pages(w http.ResponseWriter, r *http.Request)
API_Pages handles requests for the /api/pages/ endpoint
func API_Pages_Id ¶
func API_Pages_Id(w http.ResponseWriter, r *http.Request)
API_Pages_Id contains functions to handle the GET'ing, DELETE'ing, and PUT'ing of a Page object
func API_Pages_Id_Preview ¶
func API_Pages_Id_Preview(w http.ResponseWriter, r *http.Request)
API_Pages_Id_Preview handles the functions for the /api/pages/:id/preview endpoint
func API_PhishAlarm ¶
func API_PhishAlarm(w http.ResponseWriter, r *http.Request)
API_PhishAlarm handles sending of phish alarm emails
func API_Plans ¶
func API_Plans(w http.ResponseWriter, r *http.Request)
API_Plans handles requests for the /api/plans/ endpoint
func API_Reset ¶
func API_Reset(w http.ResponseWriter, r *http.Request)
API (/api/reset) resets a user's API key
func API_Roles ¶
func API_Roles(w http.ResponseWriter, r *http.Request)
API_Roles returns a list of roles if requested via GET
func API_Roles_Id ¶
func API_Roles_Id(w http.ResponseWriter, r *http.Request)
API_Roles_Id returns details about the requested User. If the User is not valid, API_Roles_Id returns null.
func API_SMTP ¶
func API_SMTP(w http.ResponseWriter, r *http.Request)
API_SMTP handles requests for the /api/smtp/ endpoint
func API_SMTP_Id ¶
func API_SMTP_Id(w http.ResponseWriter, r *http.Request)
API_SMTP_Id contains functions to handle the GET'ing, DELETE'ing, and PUT'ing of a SMTP object
func API_SMTP_domains ¶
func API_SMTP_domains(w http.ResponseWriter, r *http.Request)
API_SMTP handles requests for the /api/smtp/domains endpoint
func API_Send_Test_Email ¶
func API_Send_Test_Email(w http.ResponseWriter, r *http.Request)
API_Send_Test_Email sends a test email using the template name and Target given.
func API_Subscription ¶
func API_Subscription(w http.ResponseWriter, r *http.Request)
API_Subscription handles subscription cancellation requests
func API_Subscriptions ¶
func API_Subscriptions(w http.ResponseWriter, r *http.Request)
API_Subscriptions handles requests for the /api/subscriptions/ endpoint
func API_Tags ¶
func API_Tags(w http.ResponseWriter, r *http.Request)
API_Tags returns all the list of the tags for email templates and landing pages in the site
func API_Tags_Single ¶
func API_Tags_Single(w http.ResponseWriter, r *http.Request)
func API_Templates ¶
func API_Templates(w http.ResponseWriter, r *http.Request)
API_Templates handles the functionality for the /api/templates endpoint
func API_Templates_Id ¶
func API_Templates_Id(w http.ResponseWriter, r *http.Request)
API_Templates_Id handles the functions for the /api/templates/:id endpoint
func API_Templates_Id_Preview ¶
func API_Templates_Id_Preview(w http.ResponseWriter, r *http.Request)
API_Templates_Id_Preview handles the functions for the /api/templates/:id/preview endpoint
func API_User ¶
func API_User(w http.ResponseWriter, r *http.Request)
API_User handles account updates and deletion requests
func API_UserSync ¶
func API_UserSync(w http.ResponseWriter, r *http.Request)
API_UserSync handles updates and deletions of users
func API_User_ByRole ¶
func API_User_ByRole(w http.ResponseWriter, r *http.Request)
API_User_ByRole returns a list of users of a certain role.
func API_Users ¶
func API_Users(w http.ResponseWriter, r *http.Request)
API_Users returns a list of Users if requested via GET.
func API_Users_Id ¶
func API_Users_Id(w http.ResponseWriter, r *http.Request)
API_Users_Id returns details about the requested User. If the User is not valid, API_Users_Id returns null.
func API_Users_Id_ResetPassword ¶
func API_Users_Id_ResetPassword(w http.ResponseWriter, r *http.Request)
API_Users_Id_ResetPassword handles password reset requests
func Avatar ¶
func Avatar(w http.ResponseWriter, r *http.Request)
Avatar serves avatar image of the logged-in user
func Avatars_Id ¶
func Avatars_Id(w http.ResponseWriter, r *http.Request)
Avatars_Id serves avatar image by the given id or the default avatar
func Base ¶
func Base(w http.ResponseWriter, r *http.Request)
Base handles the default path and template execution
func CampaignID ¶
func CampaignID(w http.ResponseWriter, r *http.Request)
CampaignID handles the default path and template execution
func Campaigns ¶
func Campaigns(w http.ResponseWriter, r *http.Request)
Campaigns handles the default path and template execution
func Clone ¶
func Clone(w http.ResponseWriter, r *http.Request)
Clone takes a URL as a POST parameter and returns the site HTML
func CreateAdminRouter ¶
CreateAdminRouter creates the routes for handling requests to the web interface. This function returns an http.Handler to be used in http.ListenAndServe().
func CreatePhishingRouter ¶
CreatePhishingRouter creates the router that handles phishing connections.
func JSONResponse ¶
func JSONResponse(w http.ResponseWriter, d interface{}, c int)
JSONResponse attempts to set the status code, c, and marshal the given interface, d, into a response that is written to the given ResponseWriter.
func LandingPages ¶
func LandingPages(w http.ResponseWriter, r *http.Request)
LandingPages handles the default path and template execution
func LoggableJSONResponse ¶
func LoggableJSONResponse(w http.ResponseWriter, d interface{}, c int, tag string)
LoggableJSONResponse does the same as JSONResponse and logs the response with the given tag
func Login ¶
func Login(w http.ResponseWriter, r *http.Request)
Login handles the authentication flow for a user. If credentials are valid, a session is created
func Logo ¶
func Logo(w http.ResponseWriter, r *http.Request)
Logo serves custom logo image (if any) or the default logo
func Logout ¶
func Logout(w http.ResponseWriter, r *http.Request)
Logout destroys the current user session and deletes the SSO cookies (if any)
func People ¶
func People(w http.ResponseWriter, r *http.Request)
People handles the default path and template execution
func PhishHandler ¶
func PhishHandler(w http.ResponseWriter, r *http.Request)
PhishHandler handles incoming client connections and registers the associated actions performed (such as clicked link, etc.)
func PhishReporter ¶
func PhishReporter(w http.ResponseWriter, r *http.Request)
PhishReporter tracks emails as they are reported, updating the status for the given Result
func PhishTracker ¶
func PhishTracker(w http.ResponseWriter, r *http.Request)
PhishTracker tracks emails as they are opened, updating the status for the given Result
func PhishingCategories ¶
func PhishingCategories(w http.ResponseWriter, r *http.Request)
Replancememnt of SendingProfiles by sendingdomains in our application a nornal user can use the profile/domains created by the administrator handles the default path and template execution
func Preview ¶
func Preview(w http.ResponseWriter, r *http.Request)
Preview allows for the viewing of page html in a separate browser window
func RobotsHandler ¶
func RobotsHandler(w http.ResponseWriter, r *http.Request)
RobotsHandler prevents search engines, etc. from indexing phishing materials
func Roles ¶
func Roles(w http.ResponseWriter, r *http.Request)
Roles handles the default path and template execution
func SSO_Login ¶
func SSO_Login(w http.ResponseWriter, r *http.Request)
SSO_Login handles Bakery Single Sign-On authentication flow for a user. If credentials are valid, a session is created.
func SendingDomains ¶
func SendingDomains(w http.ResponseWriter, r *http.Request)
Replancememnt of SendingProfiles by sendingdomains in our application a nornal user can use the profile/domains created by the administrator handles the default path and template execution
func SendingProfiles ¶
func SendingProfiles(w http.ResponseWriter, r *http.Request)
SendingProfiles handles the default path and template execution
func Settings ¶
func Settings(w http.ResponseWriter, r *http.Request)
Settings handles the changing of settings
func Templates ¶
func Templates(w http.ResponseWriter, r *http.Request)
Templates handles the default path and template execution
func TransparencyHandler ¶
func TransparencyHandler(w http.ResponseWriter, r *http.Request)
TransparencyHandler returns a TransparencyResponse for the provided result and campaign.
func Use ¶
func Use(handler http.HandlerFunc, mid ...func(http.Handler) http.HandlerFunc) http.HandlerFunc
Use allows us to stack middleware to process the request Example taken from https://github.com/gorilla/mux/pull/36#issuecomment-25849172
Types ¶
type TransparencyResponse ¶
type TransparencyResponse struct { Server string `json:"server"` ContactAddress string `json:"contact_address"` SendDate time.Time `json:"send_date"` }
TransparencyResponse is the JSON response provided when a third-party makes a request to the transparency handler.
type UnindexedFileSystem ¶
type UnindexedFileSystem struct {
// contains filtered or unexported fields
}
UnindexedFileSystem is an implementation of a standard http.FileSystem without the ability to list files in the directory. This implementation is largely inspired by https://www.alexedwards.net/blog/disable-http-fileserver-directory-listings