Initial release (Closes: 3703)
Sophie Brun
7 years ago
0 | phishery for Debian | |
1 | ------------------ | |
2 | ||
3 | <this file describes information about the source package, see Debian policy | |
4 | manual section 4.14. You WILL either need to modify or delete this file> | |
5 | ||
6 | ||
7 | ||
8 | -- Sophie Brun <[email protected]> Fri, 12 May 2017 15:23:49 +0200 | |
9 |
0 | phishery (1.0.2-0kali1) kali-dev; urgency=medium | |
1 | ||
2 | * Initial release (Closes: 3703) | |
3 | ||
4 | -- Sophie Brun <[email protected]> Fri, 12 May 2017 15:23:49 +0200 |
0 | 10 |
0 | Source: phishery | |
1 | Section: misc | |
2 | Priority: extra | |
3 | Maintainer: Sophie Brun <[email protected]> | |
4 | Build-Depends: debhelper (>= 10), | |
5 | dh-golang, | |
6 | golang-any, | |
7 | golang-github-fatih-color-dev | |
8 | Standards-Version: 3.9.8 | |
9 | Homepage: https://github.com/ryhanson/phishery | |
10 | Vcs-Browser: http://git.kali.org/gitweb/?p=packages/phishery.git;a=summary | |
11 | Vcs-Git: git://git.kali.org/packages/phishery.git | |
12 | XS-Go-Import-Path: github.com/ryhanson/phishery | |
13 | Testsuite: autopkgtest | |
14 | ||
15 | Package: phishery | |
16 | Architecture: any | |
17 | Built-Using: ${misc:Built-Using} | |
18 | Depends: ${shlibs:Depends}, | |
19 | ${misc:Depends} | |
20 | Description: Basic Auth Credential Harvester with Word Doc Template Injector | |
21 | This package contains a Simple SSL Enabled HTTP server with the primary | |
22 | purpose of phishing credentials via Basic Authentication. | |
23 | The power of phishery is best demonstrated by setting a Word document's | |
24 | template to a phishery URL. This causes Microsoft Word to make a request to | |
25 | the URL, resulting in an Authentication Dialog being shown to the end-user. The | |
26 | ability to inject any .docx file with a URL is possible using phishery's | |
27 | -i [in docx], -o [out docx], and -u [url] options. |
0 | Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ | |
1 | Upstream-Name: phishery | |
2 | Source: https://github.com/ryhanson/phishery | |
3 | ||
4 | Files: * | |
5 | Copyright: 2016 Ryan Hanson | |
6 | License: Expat | |
7 | ||
8 | Files: archivex/* | |
9 | Copyright: 2014, Jhonathan Paulo Banczek | |
10 | License: BSD-3-clause | |
11 | All rights reserved. | |
12 | . | |
13 | Redistribution and use in source and binary forms, with or without | |
14 | modification, are permitted provided that the following conditions are met: | |
15 | . | |
16 | * Redistributions of source code must retain the above copyright notice, this | |
17 | list of conditions and the following disclaimer. | |
18 | . | |
19 | * Redistributions in binary form must reproduce the above copyright notice, | |
20 | this list of conditions and the following disclaimer in the documentation | |
21 | and/or other materials provided with the distribution. | |
22 | . | |
23 | * Neither the name of archivex nor the names of its | |
24 | contributors may be used to endorse or promote products derived from | |
25 | this software without specific prior written permission. | |
26 | . | |
27 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | |
28 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
29 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | |
30 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE | |
31 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
32 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
33 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER | |
34 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | |
35 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
36 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
37 | ||
38 | Files: debian/* | |
39 | Copyright: 2017 Sophie Brun <[email protected]> | |
40 | License: Expat | |
41 | ||
42 | License: Expat | |
43 | Permission is hereby granted, free of charge, to any person obtaining a | |
44 | copy of this software and associated documentation files (the "Software"), | |
45 | to deal in the Software without restriction, including without limitation | |
46 | the rights to use, copy, modify, merge, publish, distribute, sublicense, | |
47 | and/or sell copies of the Software, and to permit persons to whom the | |
48 | Software is furnished to do so, subject to the following conditions: | |
49 | . | |
50 | The above copyright notice and this permission notice shall be included in | |
51 | all copies or substantial portions of the Software. | |
52 | . | |
53 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
54 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
55 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL | |
56 | THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
57 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING | |
58 | FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER | |
59 | DEALINGS IN THE SOFTWARE. |
0 | Description: Change the paths to default config files | |
1 | In Kali the config files are installed in /etc/phishery/ and not | |
2 | directly in the same directory than the binary which is installed in | |
3 | /usr/bin/ | |
4 | Change the default paths to point to /etc/phishery | |
5 | Author: Sophie Brun <[email protected]> | |
6 | Last-Update: 2017-05-15 | |
7 | --- | |
8 | This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ | |
9 | --- a/main.go | |
10 | +++ b/main.go | |
11 | @@ -27,8 +27,8 @@ const usage = | |
12 | Options: | |
13 | -h, --help Show usage and exit. | |
14 | -v Show version and exit. | |
15 | - -s The JSON settings file used to setup the server. [default: "settings.json"] | |
16 | - -c The JSON file to store harvested credentials. [default: "credentials.json"] | |
17 | + -s The JSON settings file used to setup the server. [default: "/etc/phishery/settings.json"] | |
18 | + -c The JSON file to store harvested credentials. [default: "/etc/phishery/credentials.json"] | |
19 | -u The phishery URL to use as the Word document template. | |
20 | -i The Word .docx file to inject with a template URL. | |
21 | -o The new Word .docx file with the injected template URL. | |
22 | @@ -39,8 +39,8 @@ var neat = neatprint.NewNeatPrint() | |
23 | func main() { | |
24 | var ( | |
25 | flVersion = flag.Bool("v", false, "") | |
26 | - flSettings = flag.String("s", "settings.json", "") | |
27 | - flCredentials = flag.String("c", "credentials.json", "") | |
28 | + flSettings = flag.String("s", "/etc/phishery/settings.json", "") | |
29 | + flCredentials = flag.String("c", "/etc/phishery/credentials.json", "") | |
30 | flUrl = flag.String("u", "", "") | |
31 | flDocx = flag.String("i", "", "") | |
32 | flBadocx = flag.String("o", "", "") | |
33 | @@ -103,4 +103,4 @@ func createBadocx(url string, in string, | |
34 | ||
35 | neat.Info("Injected Word document has been saved!") | |
36 | os.Exit(0) | |
37 | -} | |
38 | \ No newline at end of file | |
39 | +} | |
40 | --- a/settings.json | |
41 | +++ b/settings.json | |
42 | @@ -1,12 +1,12 @@ | |
43 | { | |
44 | "ip": "0.0.0.0", | |
45 | "port": "443", | |
46 | - "sslCert": "server.crt", | |
47 | - "sslKey": "server.key", | |
48 | + "sslCert": "/etc/phishery/server.crt", | |
49 | + "sslKey": "/etc/phishery/server.key", | |
50 | "basicRealm": "Secure Document Gateway", | |
51 | "responseStatus": 200, | |
52 | - "responseFile": "template.dotx", | |
53 | + "responseFile": "/etc/phishery/template.dotx", | |
54 | "responseHeaders": [ | |
55 | ["Content-Type", "application/vnd.openxmlformats-officedocument.wordprocessingml.template"] | |
56 | ] | |
57 | -} | |
58 | \ No newline at end of file | |
59 | +} | |
60 | --- a/README.md | |
61 | +++ b/README.md | |
62 | @@ -37,8 +37,8 @@ $ phishery --help | |
63 | Options: | |
64 | -h, --help Show usage and exit. | |
65 | -v Show version and exit. | |
66 | - -s The JSON settings file used to setup the server. [default: "settings.json"] | |
67 | - -c The JSON file to store harvested credentials. [default: "credentials.json"] | |
68 | + -s The JSON settings file used to setup the server. [default: "/etc/phishery/settings.json"] | |
69 | + -c The JSON file to store harvested credentials. [default: "/etc/phishery/credentials.json"] | |
70 | -u The phishery URL to use as the Word document template. | |
71 | -i The Word .docx file to inject with a template URL. | |
72 | -o The new Word .docx file with the injected template URL. | |
73 | @@ -51,11 +51,11 @@ Modify the provided settings.json file a | |
74 | { | |
75 | "ip": "0.0.0.0", | |
76 | "port": "443", | |
77 | - "sslCert": "server.crt", | |
78 | - "sslKey": "server.key", | |
79 | + "sslCert": "/etc/phishery/server.crt", | |
80 | + "sslKey": "/etc/phishery/server.key", | |
81 | "basicRealm": "Secure Document Gateway", | |
82 | "responseStatus": 200, | |
83 | - "responseFile": "template.dotx", | |
84 | + "responseFile": "/etc/phishery/template.dotx", | |
85 | "responseHeaders": [ | |
86 | ["Content-Type", "application/vnd.openxmlformats-officedocument.wordprocessingml.template"] | |
87 | ] | |
88 | @@ -125,4 +125,4 @@ $ ./phishery | |
89 | [HTTP] IP Address : 127.0.0.1 | |
90 | [AUTH] Username : john.doe | |
91 | [AUTH] Password : Summer15 | |
92 | -``` | |
93 | \ No newline at end of file | |
94 | +``` |
0 | Description: Fix spelling error | |
1 | Author: Sophie Brun <[email protected]> | |
2 | Last-Update: 2017-05-15 | |
3 | --- | |
4 | This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ | |
5 | --- a/phish/phishery.go | |
6 | +++ b/phish/phishery.go | |
7 | @@ -24,7 +24,7 @@ func StartPhishery(settingsFile string, | |
8 | settings := loadSettings(settingsFile) | |
9 | credStore, err := jstore.NewStore(credsFile) | |
10 | if err != nil { | |
11 | - return errors.New("Error initiliazing credential store: " + err.Error()) | |
12 | + return errors.New("Error initializing credential store: " + err.Error()) | |
13 | } | |
14 | neat.Event("Credential store initialized at: %s", credsFile) | |
15 | ||
16 | @@ -145,4 +145,4 @@ func printAuth(auth AuthInfo) { | |
17 | neat.Data("HTTP", "IP Address", auth.IPAddress) | |
18 | neat.Data("AUTH", "Username", auth.Username) | |
19 | neat.Data("AUTH", "Password", auth.Password) | |
20 | -} | |
21 | \ No newline at end of file | |
22 | +} |
0 | README.md |
0 | credentials.json server.crt server.key settings.json template.dotx etc/phishery |
0 | 3.0 (quilt) |
0 | Test-Command: phishery -v |