404 error but displaying the HTML code

[JellyWelly]

Thanks for reaching out! We're happy to help resolve issues as quickly as possible.

Please use this template when creating a new issue. If you do not follow this template format, your issue may be closed without comment.

Before filing a new issue, please use the search bar at the top of the browser to search for similar issues. Also, please make sure you have read our documentation, which covers how to use Gophish.

What version of Gophish are you using?: 0.50

Brief description of the issue: Created a new landing page it previews perfectly but when you click on it and it displays a 404 error and then the HTML code beneath it.

What are you expecting to see happen? : To see my landing page

What are you seeing happen? This error. 404 page not found

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html><head>
    <title></title>
    <style type="text/css">body{
    padding-left: 35px;
    padding-right: 35px;
    padding-top: 25px;
}
.button{
    clear: both;
    background-color: #aaa;
    border: 0 none;
    border-radius: 4px;
    color: #FFFFFF;
    cursor: pointer;
    display: inline-block;
    font-size: 15px;
    font-weight: bold;
    height: 32px;
    line-height: 32px;
    margin: 0 5px 10px 0;
    padding: 0 22px;
    text-align: center;
    text-decoration: none;
    vertical-align: top;
    white-space: nowrap;
    width: auto;
}
    </style>
</head>
<body data-gramm="true" data-gramm_editor="true" data-gramm_id="9aba6f6c-5dbc-8c4d-9c63-18da3394fa64" style="margin:10px;">
<p><img alt="" src="http://xxxxxxxx.jpg" style="width: 162px; height: 54px;"/></p>

<p><font color="#4d4f53" face="arial"><b>Urgent Staff Password Reset</b></font></p>

<p><font color="#4d4f53" face="arial">You have been directed to this page because your password has expired. Please log in below and you will be required to change your password immediately.</font></p>

<p> </p>

<form action="" method="post" name="signIn" novalidate="">
<h1>Sign in</h1>

<div><label for="ap_email">Email </label></div>
<input name="email_address" type="email"/>
<div><label for="ap_password">Password </label></div>
<input name="password" type="password"/> <input name="submit" type="submit" value="Sign In"/>
<div><input tabindex="4" type="checkbox" value="true"/> Keep me signed in</div>
</form>

<div class="footer_right_section">
<p class="bg_none"> </p>
</div>

<p>

If this question is related to email templates or landing pages not working as expected, please provide your template or landing page below:

<html><head>
    <title></title>
    <style type="text/css">body{
    padding-left: 35px;
    padding-right: 35px;
    padding-top: 25px;
}
.button{
    clear: both;
    background-color: #aaa;
    border: 0 none;
    border-radius: 4px;
    color: #FFFFFF;
    cursor: pointer;
    display: inline-block;
    font-size: 15px;
    font-weight: bold;
    height: 32px;
    line-height: 32px;
    margin: 0 5px 10px 0;
    padding: 0 22px;
    text-align: center;
    text-decoration: none;
    vertical-align: top;
    white-space: nowrap;
    width: auto;
}
    </style>
</head>
<body data-gramm="true" data-gramm_editor="true" data-gramm_id="9aba6f6c-5dbc-8c4d-9c63-18da3394fa64" style="margin:10px;">
<p><img alt="" src="http://xxxxxxxx.jpg" style="width: 162px; height: 54px;"/></p>

<p><font color="#4d4f53" face="arial"><b>Urgent Staff Password Reset</b></font></p>

<p><font color="#4d4f53" face="arial">You have been directed to this page because your password has expired. Please log in below and you will be required to change your password immediately.</font></p>

<p> </p>

<form action="" method="post" name="signIn" novalidate="">
<h1>Sign in</h1>

<div><label for="ap_email">Email </label></div>
<input name="email_address" type="email"/>
<div><label for="ap_password">Password </label></div>
<input name="password" type="password"/> <input name="submit" type="submit" value="Sign In"/>
<div><input tabindex="4" type="checkbox" value="true"/> Keep me signed in</div>
</form>

<div class="footer_right_section">
<p class="bg_none"> </p>
</div>

<p>{{.Tracker}}</p>

</body></html>

Please provide any terminal output that may be relevant below:

Insert output here

Please provide as many steps as you can to reproduce the problem:

• Step 1 -
• Step 2 -

[S0larflare]

If you take out the data-gramm attributes out so you just have a straight tag, does it make any difference? I think a malformed html page could cause this.

[jordan-wright]

Hey @JellyWelly, thanks for reaching out with this one. Just curious:

Created a new landing page it previews perfectly but when you click on it and it displays a 404 error and then the HTML code beneath it.

What does this mean? Is there a screenshot you could post for us?

[rfdevere]

Please watch out folks bejebus.

API key in thread, enough OSINT starting points to pinpoint the org, seconds to scan their blockspace... every phishing email receiptent will also get the phishing server IP as it’s then only a “company name Phishing” google search away from them to a log on. Let’s hope a Vishing call doesn’t hit this week along the lines of “hey you’ve successfully passed Phishing training, send me the email”

GoPhish is amazing and I’m paranoid but don’t forget why we go through this hassle in the first place.

[JellyWelly]

rfdevere - What is in the thread above that's a problem?

[JellyWelly]

@jordan-wright It looks OK on the editor / preview but not when you click on it via the email

[JellyWelly]

@S0larflare - Took them out, doesn't make a difference same again.

[S0larflare]

Wait, how are you getting them to your landing page? Both blocks of code you have posted appear to be a landing page, does your email have a link to {{.URL}}?

[JellyWelly]

Yep email has a URL and when I click on it, I get a 404 error and the html code beneath it. A different landing page works just this particular one doesn't

[JellyWelly]

[jordan-wright]

Ah ha! I think I see what's happening.

This appears to be due to a couple of missing return statements. Something is going wrong when Gophish is attempting to parse the template, so I default to a 404 but (and this is important) I don't return immediately after that like I do literally everywhere else 😛 . You can see this here https://github.com/gophish/gophish/blob/master/controllers/phish.go#L142

I need to get that fixed but, in the meantime, @JellyWelly you should be seeing some error messages in the terminal logs when you click the link around executing or parsing the template.

Sorry about the hassle here! I'll get this fixed asap and will keep y'all updated.

[jordan-wright]

Hey @JellyWelly, I've at least fixed the weird rendering side of things, which is a good start for now until I can add better validation when saving a landing page.

Just a heads up, the problem was related to the {{.Tracker}} template tag, which isn't supported in landing pages. This is because we track clicks for you - no need to have a separate image tag in the page 😄 The tracker really only comes in handy in email templates.

Hope this helps!

[JellyWelly]

Legend you've got it! Thanks again