GoPhish 101

Basic GoPhish Setup

ATTACK

Krista B.

12/8/20242 min read

Basic GoPhish Setup

The first thing you need to get GoPhish up and running is some computing power. You are welcome to download it right onto your local machine, or spin up your own cloud instance. We often use Digital Ocean droplets as they are low cost and easy to use. If you wish to install GoPhish locally you can skip right to the "Setting up GoPhish" section.

Setting up Digital Ocean Droplet

  1. If you don't already have a Digital Ocean account, you can make one for free.

  2. Once in your account, you want to create a new droplet. It doesn't require much power, so you are welcome to use the base specs provided here or customize to your preferences.

    1. Choose whichever region is closest to you, and leave the default datacenter.

    2. Choose the latest version of Ubuntu.

    3. Droplet Type: Basic (Shared CPU)

    4. CPU Options: Regular CPU (Disk Type: SSD) - $6/mo with the following specs

      • 1 GB / 1 CPU

      • 25 GB SSD Disk

      • 1000 GB Transfer

  3. Choose your authentication method, either SSH key pair (Digital Ocean can walk you through the setup) or password (be sure to remember this password!).

  4. Change the hostname if you wish and then click "Create Droplet."

  5. Once the droplet has been spun up you can access it via the Digital Ocean console, or via any command line using the SSH key or password you created above in step 3.

    1. To use the SSH Key, you simply run ssh -i <your_key_file> root@<your_droplet_ip>

    2. To use your password, just run ssh root@<your_droplet_ip> and enter your password

Setting up GoPhish

  1. Find latest version via the "Releases" section on the GitHub.

    Releases · gophish/gophish (github.com)

  2. Download to your machine using wget:

    sudo wget https://github.com/gophish/gophish/releases/download/v0.12.1/gophish-v0.12.1-linux-64bit.zip (replace the URL with the latest version)

  3. Then unzip the file:

    apt install unzip (you might need to run this if you just spun up a droplet)

    sudo unzip gophish-v0.12.1-linux-64bit.zip (replace file with your file name)

  4. Next you can update the GoPhish config file to change which IPs and ports GoPhish uses. It is best practice to changes the values of the admin_server listener_url to 0.0.0.0:<your_favorite_port> and the phish_server listener_url to 0.0.0.0:80 or 0.0.0.0:443 depending on if you will be hosting the site using HTTP or HTTPS.

  5. Add execute privileges using chmod:

    chmod +x gophish

  6. Run sudo ./gophish

  7. Go to https://<droplet/host-ip>:<port> to navigate to the admin screen

    Note the default username is admin and a unique password is generate upon running GoPhish. It will appear in the logs and prompt you to update the password after the first login.