{"id":18737,"date":"2023-09-11T19:53:39","date_gmt":"2023-09-11T16:53:39","guid":{"rendered":"https:\/\/kifarunix.com\/?p=18737"},"modified":"2024-03-10T11:25:20","modified_gmt":"2024-03-10T08:25:20","slug":"install-gophish-on-ubuntu-22-04","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/install-gophish-on-ubuntu-22-04\/","title":{"rendered":"Install Gophish on Ubuntu 22.04"},"content":{"rendered":"\n<p>In this guide, you will learn how to install&nbsp;<a href=\"https:\/\/getgophish.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Gophish<\/a>&nbsp;on Ubuntu 22.04. Gophish is a powerful open-source phishing framework that enables organizations to quickly and easily setup and execute phishing engagements and security awareness training.<\/p>\n\n\n\n<p>When a phishing campaign is launched, Gophish updates the results automatically. Using the UI, you can view a timeline for each recipient, tracking email opens, link clicks, submitted credentials, etc.<\/p>\n\n\n\n<div class=\"wp-block-rank-math-toc-block\" id=\"rank-math-toc\"><h2>Table of Contents<\/h2><nav><ul><li><a href=\"#installing-gophish-on-ubuntu-22-04\">Installing Gophish on Ubuntu 22.04<\/a><ul><li><a href=\"#install-gophish-using-linux-binary\">Install Gophish Using Linux Binary<\/a><ul><li><a href=\"#download-gophish\">Download Gophish<\/a><\/li><li><a href=\"#install-gophish-using-linux-binary-1\">Install Gophish Using Linux Binary<\/a><\/li><\/ul><\/li><li><a href=\"#install-gophish-from-source\">Install Gophish from Source<\/a><ul><li><a href=\"#install-go-and-c-compiler-on-ubuntu-22-04\">Install go and C compiler on Ubuntu 22.04<\/a><\/li><li><a href=\"#installing-gophish-from-source\">Installing Gophish from Source<\/a><\/li><\/ul><\/li><li><a href=\"#run-gophish\">Run Gophish<\/a><\/li><li><a href=\"#accessing-gophish-admin-server-web-interface\">Accessing Gophish Admin Server Web Interface<\/a><\/li><li><a href=\"#accessing-gophish-phish-server\">Accessing Gophish Phish Server<\/a><\/li><li><a href=\"#run-gophish-as-systemd-service\">Run Gophish as Systemd service<\/a><\/li><li><a href=\"#configure-gophish-with-maria-db-my-sql-database\">Configure Gophish with MariaDB\/MySQL Database<\/a><ul><li><a href=\"#install-maria-db-my-sql-on-ubuntu-22-04\">Install MariaDB\/MySQL on Ubuntu 22.04<\/a><\/li><li><a href=\"#create-gophish-database-and-database-user\">Create Gophish Database and Database User<\/a><\/li><li><a href=\"#configure-gophish-with-maria-db-my-sql\">Configure Gophish with MariaDB\/MySQL<\/a><\/li><li><a href=\"#restart-gophish\">Restart Gophish<\/a><\/li><\/ul><\/li><li><a href=\"#configure-gophish-with-https-ssl-tls\">Configure Gophish with HTTPS (SSL\/TLS)<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"installing-gophish-on-ubuntu-22-04\">Installing Gophish on Ubuntu 22.04<\/h2>\n\n\n\n<p>Installing Gophish on Ubuntu 22.04 is one easy step. There are two approaches though that you can use in this case:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Installing Gophish on Ubuntu 22.04 using&nbsp;<a href=\"https:\/\/github.com\/gophish\/gophish\/releases\/\" target=\"_blank\" rel=\"noreferrer noopener\">OS-specific binary<\/a><\/li>\n\n\n\n<li>Building Gophish from source.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"install-gophish-using-linux-binary\">Install Gophish Using Linux Binary<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"download-gophish\">Download Gophish<\/h4>\n\n\n\n<p>Download Gophish pre-built binary for Linux from the&nbsp;<a href=\"https:\/\/github.com\/gophish\/gophish\/releases\/\" target=\"_blank\" rel=\"noreferrer noopener\">releases page<\/a>.<\/p>\n\n\n\n<p>The current release version as of this writing is v0.12.1. Thus, replace the value of the VER below with the current release version number.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>VER=0.12.1<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>wget https:\/\/github.com\/gophish\/gophish\/releases\/download\/v${VER}\/gophish-v${VER}-linux-64bit.zip<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"install-gophish-using-linux-binary-1\">Install Gophish Using Linux Binary<\/h4>\n\n\n\n<p>Once you get Gophish zipped binary file, you need to unzip it to get the binary itself.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt update<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt install zip<\/code><\/pre>\n\n\n\n<p>You can unzip the binary to \/opt\/gophish directory, which will act as the installation directory for Gophish.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo unzip gophish-v${VER}-linux-64bit.zip -d \/opt\/gophish<\/code><\/pre>\n\n\n\n<p>The Gophish installer is now located under \/opt\/gophish.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>ls -1 \/opt\/gophish<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>config.json\ndb\ngophish\nLICENSE\nREADME.md\nstatic\ntemplates\nVERSION<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"install-gophish-from-source\">Install Gophish from Source<\/h3>\n\n\n\n<p>If you want, you can also build Gophish on Ubuntu 22.04 from source.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"install-go-and-c-compiler-on-ubuntu-22-04\">Install go and C compiler on Ubuntu 22.04<\/h4>\n\n\n\n<p>To go this route, you need <strong><code>go<\/code><\/strong> installed.<\/p>\n\n\n\n<p>Download go archive from <a href=\"https:\/\/go.dev\/dl\/\" target=\"_blank\" rel=\"noopener\">downloads page<\/a>.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>wget https:\/\/go.dev\/dl\/go1.21.1.linux-amd64.tar.gz<\/code><\/pre>\n\n\n\n<p>Remove previus Go installation and install current Go;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo rm -rf \/usr\/local\/go &amp;&amp; sudo tar -C \/usr\/local -xzf go1.21.1.linux-amd64.tar.gz<\/code><\/pre>\n\n\n\n<p>Add <strong>\/usr\/local\/go\/bin<\/strong> to the&nbsp;<code>PATH<\/code>&nbsp;environment variable;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo sed -i 's#\"$#:\/usr\/local\/go\/bin\"#' \/etc\/environment<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>source \/etc\/environment<\/code><\/pre>\n\n\n\n<p>Install C compiler;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt install gcc<\/code><\/pre>\n\n\n\n<p>Similary, update sudoers file with Go path;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo su -<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>visudo -f \/etc\/sudoers<\/code><\/pre>\n\n\n\n<p>Change line below;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Defaults        secure_path=\"\/usr\/local\/sbin:\/usr\/local\/bin:\/usr\/sbin:\/usr\/bin:\/sbin:\/bin:\/snap\/bin\"<\/code><\/pre>\n\n\n\n<p>to;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Defaults        secure_path=\"\/usr\/local\/sbin:\/usr\/local\/bin:\/usr\/sbin:\/usr\/bin:\/sbin:\/bin:\/snap\/bin:<strong>\/usr\/local\/go\/bin<\/strong>\"<\/code><\/pre>\n\n\n\n<p>Save and exit the sudoers file.<\/p>\n\n\n\n<p>Check if the sudeors syntax is okay.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>visudo -c -f \/etc\/sudoers<\/code><\/pre>\n\n\n\n<p>Ensure everything is Okay;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>\/etc\/sudoers: parsed OK\n\/etc\/sudoers.d\/README: parsed OK<\/code><\/pre>\n\n\n\n<p>Exit from root!<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>exit<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"installing-gophish-from-source\">Installing Gophish from Source<\/h4>\n\n\n\n<p>Install git package;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt install git<\/code><\/pre>\n\n\n\n<p>Navigate to \/opt directorym clone Gophish Github repo and install it;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cd \/opt\/<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo git clone https:\/\/github.com\/gophish\/gophish.git<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>cd gophish<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo go build<\/code><\/pre>\n\n\n\n<p>Once the build is done, you will have a <strong>gophish<\/strong> binary in the \/opt\/gophish directory.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"run-gophish\">Run Gophish<\/h3>\n\n\n\n<p>Now that the installation of Gophish is done, we can run it and begin phishing campaigns.<\/p>\n\n\n\n<p>Stop and disable Apache if it is installed and running;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl stop apache2<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl mask apache2<\/code><\/pre>\n\n\n\n<p>Update the permissions of the Gophish configuration file;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo chmod 0640 \/opt\/gophish\/config.json<\/code><\/pre>\n\n\n\n<p>Start Gophish by navigating to the install directory and run the&nbsp;<code>gophish<\/code>&nbsp;binary as follows;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cd \/opt\/gophish<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo chmod +x gophish<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo .\/gophish<\/code><\/pre>\n\n\n\n<pre class=\"scroll-box\"><code>time=\"2023-09-11T10:39:13Z\" level=warning msg=\"No contact address has been configured.\"\ntime=\"2023-09-11T10:39:13Z\" level=warning msg=\"Please consider adding a contact_address entry in your config.json\"\ngoose: migrating db environment 'production', current version: 0, target: 20220321133237\nOK    20160118194630_init.sql\nOK    20160131153104_0.1.2_add_event_details.sql\nOK    20160211211220_0.1.2_add_ignore_cert_errors.sql\nOK    20160217211342_0.1.2_create_from_col_results.sql\nOK    20160225173824_0.1.2_capture_credentials.sql\nOK    20160227180335_0.1.2_store-smtp-settings.sql\nOK    20160317214457_0.2_redirect_url.sql\nOK    20160605210903_0.2_campaign_scheduling.sql\nOK    20170104220731_0.2_result_statuses.sql\nOK    20170219122503_0.2.1_email_headers.sql\nOK    20170827141312_0.4_utc_dates.sql\nOK    20171027213457_0.4.1_maillogs.sql\nOK    20171208201932_0.4.1_next_send_date.sql\nOK    20180223101813_0.5.1_user_reporting.sql\nOK    20180524203752_0.7.0_result_last_modified.sql\nOK    20180527213648_0.7.0_store_email_request.sql\nOK    20180830215615_0.7.0_send_by_date.sql\nOK    20190105192341_0.8.0_rbac.sql\nOK    20191104103306_0.9.0_create_webhooks.sql\nOK    20200116000000_0.9.0_imap.sql\nOK    20200619000000_0.11.0_password_policy.sql\nOK    20200730000000_0.11.0_imap_ignore_cert_errors.sql\nOK    20200914000000_0.11.0_last_login.sql\nOK    20201201000000_0.11.0_account_locked.sql\nOK    20220321133237_0.4.1_envelope_sender.sql\ntime=\"2023-09-11T10:39:18Z\" level=info msg=\"Please login with the username admin and the password 7b2d83385a318596\"\ntime=\"2023-09-11T10:39:18Z\" level=info msg=\"Creating new self-signed certificates for administration interface\"\ntime=\"2023-09-11T10:39:18Z\" level=info msg=\"Starting IMAP monitor manager\"\ntime=\"2023-09-11T10:39:18Z\" level=info msg=\"Starting new IMAP monitor for user admin\"\ntime=\"2023-09-11T10:39:18Z\" level=info msg=\"Starting phishing server at http:\/\/0.0.0.0:80\"\ntime=\"2023-09-11T10:39:18Z\" level=info msg=\"Background Worker Started Successfully - Waiting for Campaigns\"\ntime=\"2023-09-11T10:39:18Z\" level=info msg=\"TLS Certificate Generation complete\"\ntime=\"2023-09-11T10:39:18Z\" level=info msg=\"Starting admin server at https:\/\/127.0.0.1:3333\"\n<\/code><\/pre>\n\n\n\n<p>If you need to free the terminal, send Gophish to the background<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo .\/gophish &amp;<\/code><\/pre>\n\n\n\n<p>If you want to bring the process to foreground, simply run the command below on the terminal;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>fg<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"accessing-gophish-admin-server-web-interface\">Accessing Gophish Admin Server Web Interface<\/h3>\n\n\n\n<p>You can verify that Gophish admin server is listening on&nbsp;<code>tcp port 3333<\/code>&nbsp;on&nbsp;<code>localhost<\/code>&nbsp;using netstat command.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>netstat -al | grep 3333<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>tcp        0      0 localhost:3333          0.0.0.0:*               LISTEN     \ntcp        0      0 localhost:3333          localhost:55844         TIME_WAIT<\/code><\/pre>\n\n\n\n<p>Gophish admin server is set to listen on localhost tcp port 3333 by default and hence can be accessed via&nbsp;<strong>https:\/\/localhost:3333<\/strong>.<\/p>\n\n\n\n<p>If you are accessing Gophish admin from a remote system, then you can do SSH port forwarding if Gophis is running locally.<\/p>\n\n\n\n<p>You can as well reconfigure Gophish admin server to listen on all interfaces or just a specific interface.<\/p>\n\n\n\n<p>To perform a local SSH port forwarding, run the command below on your host machine.<\/p>\n\n\n\n<p>In this example, 192.168.0.113 is the IP of the Gophish admin server.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>ssh -N -L 3333:127.0.0.1:3333 kifarunix@192.168.0.113<\/code><\/pre>\n\n\n\n<p>To explicitly configure Gophish admin server to listen on an interface IP, edit the&nbsp;<strong><code>config.json<\/code><\/strong>&nbsp;file on the installation folder,&nbsp;<code>\/opt\/gophish<\/code>, in this case and substitute the loopback IP, 127.0.0.1 with an interface IP as shown below.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo vim \/opt\/gophish\/config.json<\/code><\/pre>\n\n\n\n<pre class=\"scroll-box\"><code>    \"admin_server\": {\n            \"listen_url\": \"192.168.0.113:3333\",\n            \"use_tls\": true,\n            \"cert_path\": \"gophish_admin.crt\",\n            \"key_path\": \"gophish_admin.key\"\n    },\n<\/code><\/pre>\n\n\n\n<p>Save the changes and run gophish binary;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cd \/opt\/gophish<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo .\/gophish<\/code><\/pre>\n\n\n\n<p>If UFW is running, allow remote access to Gophish.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>ufw allow 3333\/tcp<\/code><\/pre>\n\n\n\n<p>You can then access Gophish web UI using the address,&nbsp;<code>https:\/\/192.168.0.113:3333<\/code>.<\/p>\n\n\n\n<p>The login credentials for Gophish are&nbsp;printed out in the Gophish start command;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>time=\"2023-09-11T10:50:08Z\" level=info msg=\"Please login with the username <strong>admin<\/strong> and the password <strong>8476fbfad08cd1cb<\/strong>\"<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1470\" height=\"806\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/09\/gophish-admin-server-web-interface.png\" alt=\"\" class=\"wp-image-18743\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/09\/gophish-admin-server-web-interface.png?v=1694450913 1470w, https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/09\/gophish-admin-server-web-interface-768x421.png?v=1694450913 768w\" sizes=\"(max-width: 1470px) 100vw, 1470px\" \/><\/figure>\n\n\n\n<p>You will then be prompted to reset your password. Reset and proceed to login to Gophish dashboard.<\/p>\n\n\n\n<p>Login to Gophish dashboard.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1472\" height=\"699\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/09\/gophish-dashboard.png\" alt=\"\" class=\"wp-image-18744\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/09\/gophish-dashboard.png?v=1694450926 1472w, https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/09\/gophish-dashboard-768x365.png?v=1694450926 768w\" sizes=\"(max-width: 1472px) 100vw, 1472px\" \/><\/figure>\n\n\n\n<p>That is the default Gophish dashboard. In our next guide, we will learn how to create phishing campaigns.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"accessing-gophish-phish-server\">Accessing Gophish Phish Server<\/h3>\n\n\n\n<p>You can check if you can access Gophish phish server using the address <strong><code>http[s]:\/\/server-IP-or-domain<\/code><\/strong>.<\/p>\n\n\n\n<p>If you get &#8220;<strong>404 page not found<\/strong>&#8220;, it confirms Phish server is okay. If you have an active campaign. add RID to your address, <strong><code>http[s]:\/\/server-IP-or-domain\/?rid=xxxxxxxx<\/code><\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"run-gophish-as-systemd-service\">Run Gophish as Systemd service<\/h3>\n\n\n\n<p>To run Gophish as a systemd service, you need to create the service unit configuration file.<\/p>\n\n\n\n<p>In this guide, we are going to create a systemd service configuration file.<\/p>\n\n\n\n<p>To run Gophish as a service, you need to create a non-privileged user used to run the service.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo useradd -r gophish -M -d \/opt\/gophish\/<\/code><\/pre>\n\n\n\n<p>Next, create a Gophish systemd service configuration with the following content.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo vim \/etc\/systemd\/system\/gophish.service<\/code><\/pre>\n\n\n\n<pre class=\"scroll-box\"><code>[Unit]\nDescription=Gophish, an open-source phishing toolkit\nDocumentation=https:\/\/getgophish.com\/documentation\/\nAfter=network.target\n\n[Service]\nWorkingDirectory=\/opt\/gophish\nUser=gophish\nEnvironment='STDOUT=\/var\/log\/gophish\/gophish.log'\nEnvironment='STDERR=\/var\/log\/gophish\/gophish.log'\nPIDFile=\/var\/run\/gophish\nExecStart=\/bin\/sh -c \"\/opt\/gophish\/gophish >>${STDOUT} 2>>${STDERR}\"\n\n[Install]\nWantedBy=multi-user.target\n<\/code><\/pre>\n\n\n\n<p>Next, create the log directory.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo mkdir \/var\/log\/gophish<\/code><\/pre>\n\n\n\n<p>Set the proper ownership for the Gophish installation as well as the log directory.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo chown -R gophish:gophish \/opt\/gophish\/ \/var\/log\/gophish\/<\/code><\/pre>\n\n\n\n<p>Give Gophish binary capabilities to open port 80<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo setcap cap_net_bind_service=+ep \/opt\/gophish\/gophish<\/code><\/pre>\n\n\n\n<p>Reload Systemd Configurations<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl daemon-reload<\/code><\/pre>\n\n\n\n<p>Start and enable Gophish service to run on system boot.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl enable --now gophish<\/code><\/pre>\n\n\n\n<p>Check Gophish service status<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl status gophish<\/code><\/pre>\n\n\n\n<pre class=\"scroll-box\"><code>\u25cf gophish.service - Gophish, an open-source phishing toolkit\n     Loaded: loaded (\/etc\/systemd\/system\/gophish.service; enabled; vendor preset: enabled)\n     Active: active (running) since Mon 2023-09-11 11:13:36 UTC; 2s ago\n       Docs: https:\/\/getgophish.com\/documentation\/\n   Main PID: 3727 (sh)\n      Tasks: 6 (limit: 2219)\n     Memory: 5.1M\n        CPU: 15ms\n     CGroup: \/system.slice\/gophish.service\n             \u251c\u25003727 \/bin\/sh -c \"\/opt\/gophish\/gophish >>\/var\/log\/gophish\/gophish.log 2>>\/var\/log\/gophish\/gophish.log\"\n             \u2514\u25003728 \/opt\/gophish\/gophish\n\nSep 11 11:13:36 jammy systemd[1]: Started Gophish, an open-source phishing toolkit.\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"configure-gophish-with-maria-db-my-sql-database\">Configure Gophish with MariaDB\/MySQL Database<\/h3>\n\n\n\n<p>Gophish uses SQLite database by default. While it is simple and lightweight, MariaDB\/MySQL will give you more scalability and performance features as compared to SQLite. Hence, you might want to consider using MariaDB\/MySQL database.<\/p>\n\n\n\n<p>So, if you want to configure Gophish to use MariaDB instead, how can you go about it?<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"install-maria-db-my-sql-on-ubuntu-22-04\">Install MariaDB\/MySQL on Ubuntu 22.04<\/h4>\n\n\n\n<p>Install MariaDB\/MySQL on Ubuntu 22.04;<\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/?s=install+mariadb\">How to install MariaDB<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/?s=install+mysql\" target=\"_blank\" rel=\"noreferrer noopener\">How to install MySQL<\/a><\/p>\n\n\n\n<p>We are using MariaDB in this guide. Steps should be same, either way!<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"create-gophish-database-and-database-user\">Create Gophish Database and Database User<\/h4>\n\n\n\n<p>Login to the MariaDB\/MySQL server using the command line or a database management tool such as phpMyAdmin. Once logged in, execute the following commands to create a new database and a user for Gophish:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>CREATE DATABASE gophish;<br>CREATE USER 'gophishuser'@'localhost' IDENTIFIED BY 'password';<br>GRANT ALL PRIVILEGES ON gophish.* TO 'gophishuser'@'localhost';<\/code><\/pre>\n\n\n\n<p>Replace Database name, &#8216;<strong><code>gophish<\/code><\/strong>&#8216;, the user, &#8216;<strong><code>gophishuser<\/code><\/strong>&#8216; and the password, &#8216;<strong><code>password<\/code><\/strong>&#8216; with a strong password for the Gophish user.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"configure-gophish-with-maria-db-my-sql\">Configure Gophish with MariaDB\/MySQL<\/h4>\n\n\n\n<p>To configure Gophish to use MariaDB\/MySQL, open the configuration file located at <strong><code>\/opt\/gophish\/config.json<\/code><\/strong> using a text editor.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo vim \/opt\/gophish\/config.json<\/code><\/pre>\n\n\n\n<p>Find the &#8220;db_name&#8221; and &#8220;db_path&#8221;;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>        \"db_name\": \"sqlite3\",\n        \"db_path\": \"gophish.db\",<\/code><\/pre>\n\n\n\n<p>And update with the appropriate values. The format for the <code>db_path<\/code> entry is <code>username:password@(host:port)\/database?charset=utf8&amp;parseTime=True&amp;loc=UTC<\/code>.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>        \"db_name\": \"<strong>mysql<\/strong>\",\n        \"db_path\": \"<strong>gophishuser:password@(localhost:3306)\/gophish?charset=utf8&amp;parseTime=True&amp;loc=UTC<\/strong>\",<\/code><\/pre>\n\n\n\n<p>Save the changes and exit the text editor.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"restart-gophish\">Restart Gophish<\/h4>\n\n\n\n<p>Finally, restart the Gophish service for the changes to take effect:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl restart gophish<\/code><\/pre>\n\n\n\n<p>Gophish will now be configured to use the MariaDB\/MySQL database.<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>\u25cf gophish.service - Gophish, an open-source phishing toolkit\n     Loaded: loaded (\/etc\/systemd\/system\/gophish.service; enabled; vendor preset: enabled)\n     Active: active (running) since Mon 2023-09-11 15:54:56 UTC; 14s ago\n       Docs: https:\/\/getgophish.com\/documentation\/\n   Main PID: 1548 (sh)\n      Tasks: 5 (limit: 2219)\n     Memory: 2.3M\n        CPU: 10ms\n     CGroup: \/system.slice\/gophish.service\n             \u251c\u25001548 \/bin\/sh -c \"\/opt\/gophish\/gophish >>\/var\/log\/gophish\/gophish.log 2>>\/var\/log\/gophish\/gophish.log\"\n             \u2514\u25001549 \/opt\/gophish\/gophish\n\nSep 11 15:54:56 jammy systemd[1]: Started Gophish, an open-source phishing toolkit.\n<\/code><\/pre>\n\n\n\n<p>That&#8217;s it! You have successfully configured Gophish to use MariaDB\/MySQL as the database backend.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"configure-gophish-with-https-ssl-tls\">Configure Gophish with HTTPS (SSL\/TLS)<\/h3>\n\n\n\n<p>It is prudent to enable HTTPS connection for Gophish.<\/p>\n\n\n\n<p>To proceed, ensure that you have SSL\/TLS your certificates. We are using our Let&#8217;s Encrypt certificates in this guide.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo vim \/opt\/gophish\/config.json<\/code><\/pre>\n\n\n\n<p>I will update this configuration;<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>        \"admin_server\": {\n                \"listen_url\": \"127.0.0.1:3333\",\n                \"use_tls\": true,\n                \"cert_path\": \"gophish_admin.crt\",\n                \"key_path\": \"gophish_admin.key\",\n                \"trusted_origins\": []\n        },\n        \"phish_server\": {\n                \"listen_url\": \"0.0.0.0:80\",\n                \"use_tls\": false,\n                \"cert_path\": \"example.crt\",\n                \"key_path\": \"example.key\"\n        },\n<\/code><\/pre>\n\n\n\n<p>to;<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>        \"admin_server\": {\n                \"listen_url\": \"0.0.0.0:3333\",\n                \"use_tls\": true,\n                \"cert_path\": \"\/opt\/gophish\/ssl\/fullchain.pem\",\n                \"key_path\": \"\/opt\/gophish\/ssl\/privkey.pem\",\n                \"trusted_origins\": []\n        },\n        \"phish_server\": {\n                \"listen_url\": \"0.0.0.0:443\",\n                \"use_tls\": true,\n                \"cert_path\": \"\/opt\/gophish\/ssl\/fullchain.pem\",\n                \"key_path\": \"\/opt\/gophish\/ssl\/privkey.pem\"\n        },\n<\/code><\/pre>\n\n\n\n<p>We copied Let&#8217;s Encrypt ssl certs to <strong>\/opt\/gophish\/ss<\/strong>l directory and set owner to <strong>gophish<\/strong> user;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>ls -alh \/opt\/gophish\/ssl\/<\/code><\/pre>\n\n\n\n<pre class=\"scroll-sz\"><code>total 20K\ndrwxr-xr-x 2 gophish gophish 4.0K Sep 11 16:36 .\ndrwxr-xr-x 6 gophish gophish 4.0K Sep 11 16:40 ..\n-rw-r--r-- 1 gophish gophish 5.2K Sep 11 16:34 fullchain.pem\n-rw------- 1 gophish gophish  241 Sep 11 16:36 privkey.pem\n<\/code><\/pre>\n\n\n\n<p>Finally, restart the Gophish service for the changes to take effect:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl restart gophish<\/code><\/pre>\n\n\n\n<p>Verify Gophish Admin server HTTPS connection.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1469\" height=\"751\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/09\/gophish-https-connection.png\" alt=\"Install Gophish on Ubuntu 22.04\" class=\"wp-image-18745\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/09\/gophish-https-connection.png?v=1694450971 1469w, https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/09\/gophish-https-connection-768x393.png?v=1694450971 768w\" sizes=\"(max-width: 1469px) 100vw, 1469px\" \/><\/figure>\n\n\n\n<p>Similarly, the Phish server https connection;<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1092\" height=\"320\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/09\/phish-server.png\" alt=\"\" class=\"wp-image-18746\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/09\/phish-server.png?v=1694450984 1092w, https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/09\/phish-server-768x225.png?v=1694450984 768w\" sizes=\"(max-width: 1092px) 100vw, 1092px\" \/><\/figure>\n\n\n\n<p>That marks the end of our tutorial on installing Gophish on Ubuntu 22.04.<\/p>\n\n\n\n<p><a href=\"https:\/\/getgophish.com\/documentation\/\" target=\"_blank\" rel=\"noreferrer noopener\">Further Reading: Gophish Documentations<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this guide, you will learn how to install&nbsp;Gophish&nbsp;on Ubuntu 22.04. Gophish is a powerful open-source phishing framework that enables organizations to quickly and easily<\/p>\n","protected":false},"author":10,"featured_media":18743,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[121,889,34],"tags":[7235,7237,7236],"class_list":["post-18737","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-howtos","category-phishing","category-security","tag-how-do-i-install-gophish-on-ubuntu","tag-how-do-i-start-the-gophish-service","tag-what-is-the-default-password-for-gophish","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","resize-featured-image"],"_links":{"self":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/18737"}],"collection":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/comments?post=18737"}],"version-history":[{"count":9,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/18737\/revisions"}],"predecessor-version":[{"id":20849,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/18737\/revisions\/20849"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media\/18743"}],"wp:attachment":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media?parent=18737"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/categories?post=18737"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/tags?post=18737"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}