joseraeiro
commented
2 years ago BTW, I'm using Ubuntu Server 22.04.
Closed joseraeiro closed 2 years ago
joseraeiro
commented
2 years ago BTW, I'm using Ubuntu Server 22.04.
glennzw
commented
2 years ago Hi @joseraeiro, could you try with curl and check the result please:
'curl -k https://172.16.99.13:3333'
You could also run this fuel command on the server to ensure gophish is properly running:
'curl -k https://localhost:3333'
Although that pr_connect_reset error makes me think there's some kind of proxy or load balancer in the middle.
joseraeiro
commented
2 years ago 'curl -k https://172.16.99.13:3333'
curl: (35) schannel: failed to receive handshake, SSL/TLS connection failed
'curl -k https://localhost:3333'
I've tried now to install Gophish inside a normal Ubuntu installation and I'm able to access it fine from within the server machine's browser but I still get the same error while trying to access externally.
glennzw
commented
2 years ago A few things to try:
Turn off TLS in the config.json and try over http (maybe the middleware is messing up the TLS).
Try run a tiny Python web server and hit that from your client (python -m SimpleHTTPServer 3333) and try connect to that
joseraeiro
commented
2 years ago
- Stop the gophish server and run the curl command again (let's see if something is 'catching' the connect).
curl: (35) Send failure: Connection was reset
- Turn off TLS in the config.json and try over http (maybe the middleware is messing up the TLS).
While trying with 'curl http://[IP]:3333 I get the following error message:
curl: (56) Recv failure: Connection was reset
And the browser shows:
- Try run a tiny Python web server and hit that from your client (python -m SimpleHTTPServer 3333) and try connect to that
It reprises the same error as above (both in the curl command and on the browser)
curl: (56) Recv failure: Connection was reset
It's weird because I'm able to use ncat to connect between the two, using port 3333!
glennzw
commented
2 years ago You can ncat, but I'm guessing you're ncat'ing into whatever middleware, and that's not passing the connection along to the intended service. e.g. try running the python webserver and then ncat this: GET / HTTP/1.0
e.g:
(but do the ncat from your remote client)
joseraeiro
commented
2 years ago On the server side I get this error:
Exception occurred during processing of request from ('172.16.100.2', 6808) Traceback (most recent call last): File "/usr/lib/python3.10/socketserver.py", line 683, in process_request_thread self.finish_request(request, client_address) File "/usr/lib/python3.10/http/server.py", line 1287, in finish_request self.RequestHandlerClass(request, client_address, self, File "/usr/lib/python3.10/http/server.py", line 651, in init super().init(*args, **kwargs) File "/usr/lib/python3.10/socketserver.py", line 747, in init self. Handle() File "/usr/lib/python3.10/http/server.py", line 425, in handle self.handle_one_request() File "/usr/lib/python3.10/http/server.py", line 393, in handle_one_request self.raw_requestline = self.rfile.readline(65537) File "/usr/lib/python3.10/socket.py", line 705, in readinto return self._sock.recv_into(b) ConnectionResetError: [Errno 104] Connection reset by peer
On the client side I get this error:
GET / HTTP/1.0 Ncat: An existing connection was forcibly closed by the remote host. .
I was able to access the Gophish server on the remote machine by changing the port to 443...so it is most definitely a Firewall.
Thanks a lot for all your help! :)
What version of Gophish are you using?:
v 0.12.0
Brief description of the issue:
I can't access the admin console at [machineIP]:3333
What are you expecting to see happen? :
I expected to see the login page.
What are you seeing happen?
I can't access the login page.
Please find the attached screenshot:
I tried to use ncat to test the connection between the server and the client from which I'm trying to access the Gophish server,as to test if there was any firewall rule preventing the connection, and was successful in doing so, as was suggested here https://github.com/gophish/gophish/issues/2421
Please provide any terminal output that may be relevant below:
next-it@srv-gophish:~/gophish-v0.12.0-linux-64bit$ sudo ./gophish time="2022-08-29T14:15:11Z" level=warning msg="No contact address has been configured." time="2022-08-29T14:15:11Z" level=warning msg="Please consider adding a contact_address entry in your config.json" goose: no migrations to run. current version: 20220321133237 time="2022-08-29T14:15:11Z" level=info msg="Please login with the username admin and the password 11714765fe9efb5f" time="2022-08-29T14:15:11Z" level=info msg="Starting admin server at https://0.0.0.0:3333" time="2022-08-29T14:15:11Z" level=info msg="Starting IMAP monitor manager" time="2022-08-29T14:15:11Z" level=info msg="Starting new IMAP monitor for user admin" time="2022-08-29T14:15:11Z" level=info msg="Starting phishing server at http://0.0.0.0:80" time="2022-08-29T14:15:11Z" level=info msg="Background Worker Started Successfully - Waiting for Campaigns" 2022/08/29 14:15:21 http: TLS handshake error from 172.16.100.2:53768: read tcp 172.16.99.13:3333->172.16.100.2:53768: read: connection reset by peer