
Gophish is a powerful, easy-to-use, open-source phishing toolkit meant to help pentesters and businesses conduct real-world phishing simulations. This user guide introduces Gophish and shows how to use the software, building a complete campaign from start to finish.

This walkthrough of Gophish usage and its installation procedure was inspired by a note on the ired.team blog. I will first briefly cover installing Gophish with a Postfix server, then bypassing the blacklisting of DigitalOcean public IP addresses.

Installation of the Postfix server

```
apt-get install postfix
```

Configuration of Postfix

```
nano /etc/postfix/main.cf
```

Then modify the following values to match your own DigitalOcean droplet:

```
myhostname = {SMTP SERVER }
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, ubt, ubuntu-s-1vcpu-1gb-fra1-01, localhost.localdomain, localhost
relayhost =
mynetworks={PUBLIC_IP_ADDRESS}
```

After saving this information, reload the Postfix configuration:

```
service postfix reload
```

## Domain Configuration

Since I am using DigitalOcean, I only add the DigitalOcean name servers to my domain. That way I can control DNS easily through the DigitalOcean networking section. Add these values to your domain:

```
ns1.digitalocean.com
ns2.digitalocean.com
ns3.digitalocean.com
```

Then, in the networking section, the records should look like this:

![](https://gblobscdn.gitbook.com/assets%2F-LeHFsaS3PCSmBgWrxfp%2F-Lk8vy4aG8YRsWKqfe2y%2F-Lk8wGVcsjHU3q-Kb7Bp%2Fdns.png?alt=media&token=e9644e3c-0741-48ec-ac71-06905f9bd0d3)

## Installation of Gophish

From your terminal, execute the following commands:

```
wget https://github.com/gophish/gophish/releases/download/0.7.1/gophish-v0.7.1-linux-64bit.zip
apt install unzip
unzip gophish-v0.7.1-linux-64bit.zip
chmod +x gophish
```

After the installation is finished, run it:

```
./gophish
```

## Access Gophish by SSH tunneling

By default, Gophish runs on the local interface on port 3333, so we have to start an SSH tunnel to access it:

```
ssh root@ipofdroplet -L3333:localhost:3333 -N -f
```

Then access it at `https://localhost:3333`.

## Installation of a free SSL certificate for Postfix or Gophish

```
apt install certbot
```

Then generate the free SSL certificate:

```
certbot certonly --standalone -d mail.phish.com
```

The certificate files are placed in a path like the following example:

```
/etc/letsencrypt/live/mail.phish.com/
```

To activate SSL on **Postfix**, edit `main.cf` as follows:

```
smtpd_tls_cert_file=/etc/letsencrypt/live/mail.phish.com/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/mail.phish.com/privkey.pem
```

In case you want to activate the SSL certificate on Gophish, edit `config.json` and replace the certificate and key paths with the correct ones:

```
"admin_server": {
    "listen_url": "127.0.0.1:3333",
    "use_tls": true,
    "cert_path": "gophish_admin.crt",
    "key_path": "gophish_admin.key"
},
"phish_server": {
    "listen_url": "0.0.0.0:80",
    "use_tls": false,
    "cert_path": "example.crt",
    "key_path": "example.key"
}
```

## **Bypass Public IP black list on Digital Ocean**

About **60**% of the IP addresses that come from DigitalOcean are considered spam or are blacklisted, so servers like `Gmail` or `Outlook` will refuse to accept your phishing email completely. The trick we are going to use with a $5 box is **floating IP outbound routing**.

## **Bypass Blocked Public IP While sending through SMTP**

Access your droplet via SSH, then execute the following command first:

```
curl -s 169.254.169.254/metadata/v1/interfaces/public/0/anchor_ipv4/gateway
```

Then copy the IP address from the output and execute the following:

```
route add default gw {IP}
```

Then:

```
route del default gw
```

To validate your work:

```
curl icanhazip.com
```

In case SSH is terminated, make sure to connect again to the **floating IP** instead of the **public IP**. Make sure to allow port 25 outbound in the **ufw firewall**.