pentestgeek / phishing-frenzy

Ruby on Rails Phishing Framework
www.phishingfrenzy.com
GNU General Public License v3.0
766 stars 293 forks

New Installation #248

Closed rdburrus closed 8 years ago

rdburrus commented 8 years ago

I am having issues with a new installation of Phishing-Frenzy. I have completed the install. When I type the address into the browser, I just get a page of files/folders that are located in the public folder. Any idea what might be happening?

zeknox commented 8 years ago

Yeah, passenger is likely not rendering the rails portion of the app. Make sure that you added the appropriate passenger lines (3) to the /etc/apache2/apache.conf file. Also, you may need to remove or comment out the passenger lines at the top of pf.conf if they exist.

Restart apache when making any config changes before testing.

rdburrus commented 8 years ago

Here is what I have added to the apache2.conf file:

LoadModule passenger_module /usr/local/rvm/gems/ruby-2.1.5/gems/passenger-5.0.21/buildout/apache2/mod_passenger.so



zeknox commented 8 years ago

I thought there were typically more lines to add to the config file but I could be wrong. The lines you are supposed to include would have been shown at the end of your passenger install.

Check the top of your pf.conf file and see if you have the following at the top:

  <IfModule mod_passenger.c>
    PassengerRoot %ROOT
    PassengerRuby %RUBY
  </IfModule>

If you do have it, comment it out and restart apache; if you don't, try adding it and restarting apache.

rdburrus commented 8 years ago

This is installed on Kali Linux. I first tried using the SET phishing feature, but did not like it. I am wondering if there are still traces of that lingering. I am going to do a clean install of Kali Linux and then will start a new install of Phishing Frenzy. Are the instructions on the website still the best instructions to use? Seems like the YouTube video and the instructions are not the same steps. What should I be using?



zeknox commented 8 years ago

Website instructions are likely the best place to start. The video is a bit dated but might assist.

rdburrus commented 8 years ago

The instructions say to install an old version of Ruby. After the install finishes it recommends to use version 2.2.3. Will this version work or do I need to keep using the older version?



rdburrus commented 8 years ago

A few more issues that I have run into. When I just changed directories to /var/www/phishing-frenzy I got the error “ruby-2.1-5 is not installed”.

Also when running bundle install I got the error “An error occurred while installing mysql2 (0.3.18), and Bundler cannot continue. Make sure that ‘gem install mysql2 -v '0.3.18'’ succeeds before bundling.” Running this command does not fix the error.



zeknox commented 8 years ago

You need to install libmysqlclient-dev with apt-get install libmysqlclient-dev to address the mysql issue.

The app should work with ruby 2.1.1 but if you'd like to install ruby 2.1.5 you can do so with:

  rvm install 2.1.5

Then make it the default ruby with:

  rvm --default use 2.1.5

rdburrus commented 8 years ago

So it is OK to use 2.1.5, but don’t use 2.2.3?



zeknox commented 8 years ago

It will probably work with either version, but the tested version for PF is 2.1.5. You can usually find this out in a ruby project by looking at the .ruby-version file: https://github.com/pentestgeek/phishing-frenzy/blob/master/.ruby-version

zeknox commented 8 years ago

Website has been updated with the appropriate fixes: http://phishingfrenzy.com/resources/install_kali_linux

rdburrus commented 8 years ago

Awesome! Thanks!!

When I run www-data ALL=(ALL) NOPASSWD: /etc/init.d/apache2 reload I get the error “bash: syntax error near unexpected token ‘(’”



zeknox commented 8 years ago

You're not supposed to run that entire command; that is the syntax used within the /etc/sudoers file so that the www-data account (PF) can restart apache to load your phishing sites when a campaign goes active / inactive.
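The line quoted above is a sudoers entry rather than a shell command. As an added example (not from the Phishing Frenzy project or its install guide), the shell functions below audit such a rule for how much it grants and install it only after `visudo -cf` accepts it. The `/etc/sudoers.d` drop-in location, the function names and the wording of the findings are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example, not project code. Function names are hypothetical.

# audit_sudoers_rule 'USER HOST=(RUNAS) TAG: COMMAND ARGS...'
# Prints one finding per line, or "ok" when nothing is flagged.
# Assumes the spacing used in the rule quoted in this thread; it is not a
# full sudoers parser (no aliases, no line continuations, no command lists).
audit_sudoers_rule() {
  printf '%s\n' "$1" | awk '
    {
      split($2, hr, "=")                 # hr[1] = host list, hr[2] = "(runas)"
      runas = hr[2]; gsub(/[()]/, "", runas)
      i = 3; tag = ""
      if ($i ~ /:$/) { tag = $i; i++ }   # optional tag such as NOPASSWD:
      cmd = $i; args = ""
      for (j = i + 1; j <= NF; j++) args = args (args == "" ? "" : " ") $j
      n = 0
      if (cmd == "ALL") {
        print "command is ALL: the account can run anything"; n++
      } else if (cmd !~ /^\//) {
        print "command is not an absolute path"; n++
      } else if (args == "") {
        # sudoers accepts any arguments when none are listed in the rule
        print "no arguments pinned: any arguments are accepted"; n++
      }
      if ((cmd " " args) ~ /[*?]/) {
        print "wildcard in command or arguments"; n++
      }
      if (tag == "NOPASSWD:" && runas ~ /^ALL/) {
        print "runas is ALL: name the one target user, e.g. (root)"; n++
      }
      if (n == 0) print "ok"
    }'
}

# install_sudoers_dropin NAME 'RULE'   (run as root)
# Syntax-checks the rule with visudo before it becomes live, so a typo cannot
# break sudo. NAME must not contain "." or end in "~", or sudo skips the file.
install_sudoers_dropin() {
  tmp=$(mktemp) || return 1
  printf '%s\n' "$2" > "$tmp"
  if visudo -cf "$tmp" >/dev/null; then
    install -m 0440 -o root -g root "$tmp" "/etc/sudoers.d/$1"
    rc=$?
  else
    rc=1
  fi
  rm -f "$tmp"
  return "$rc"
}

# Typical use, with the rule from this thread:
#   audit_sudoers_rule 'www-data ALL=(ALL) NOPASSWD: /etc/init.d/apache2 reload'
#   install_sudoers_dropin phishing-frenzy 'www-data ALL=(root) NOPASSWD: /etc/init.d/apache2 reload'
```

The rule from the thread pins both the command and its argument; the only finding is the `(ALL)` runas list, which lets www-data run that command as any user when root alone is needed to reload Apache.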

rdburrus commented 8 years ago

Sorry, I saw that right after I sent the email.



rdburrus commented 8 years ago

I believe that everything installed correctly. When I try to access the site it just takes me to an Apache2 Debian Default Page. How do I get into the phishing frenzy site? The pf.conf file lists the server name as phishing-frenzy.local and I also created an entry in the hosts file to resolve that correctly.



zeknox commented 8 years ago

Run apachectl -S to ensure that the PF.conf file shows up. If it does and shows phishing-frenzy.local as the FQDN then you might just need to restart apache or refresh the browser.

The default page means that it's not hitting your PF.conf VHOST entry.

rdburrus commented 8 years ago

Here is what it shows.

  AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
  VirtualHost configuration:
  *:80 is a NameVirtualHost
    default server 127.0.1.1 (/etc/apache2/sites-enabled/000-default.conf:1)
    port 80 namevhost 127.0.1.1 (/etc/apache2/sites-enabled/000-default.conf:1)
    port 80 namevhost phishing-frenzy.local (/etc/apache2/pf.conf:6)
  ServerRoot: "/etc/apache2"
  Main DocumentRoot: "/var/www/html"
  Main ErrorLog: "/var/log/apache2/error.log"
  Mutex default: dir="/var/lock/apache2" mechanism=fcntl
  Mutex mpm-accept: using_defaults
  Mutex watchdog-callback: using_defaults
  PidFile: "/var/run/apache2/apache2.pid"
  Define: DUMP_VHOSTS
  Define: DUMP_RUN_CFG
  User: name="www-data" id=33
  Group: name="www-data" id=33


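The `apachectl -S` output above already shows why the Debian default page can appear: `000-default.conf` is the default server for `*:80`, so any request whose Host header is not `phishing-frenzy.local` lands there. As an added example (not from the Phishing Frenzy project), the shell function below reads that output and reports which vhost answers a given hostname; the function names are hypothetical and the sample is the VirtualHost section of the output pasted in this thread.

```shell
#!/usr/bin/env bash
# Added example, not project code. Function names are hypothetical.

# Constructed sample: the VirtualHost section of the output pasted above.
sample_vhost_dump() {
cat <<'EOF'
VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server 127.0.1.1 (/etc/apache2/sites-enabled/000-default.conf:1)
         port 80 namevhost 127.0.1.1 (/etc/apache2/sites-enabled/000-default.conf:1)
         port 80 namevhost phishing-frenzy.local (/etc/apache2/pf.conf:6)
ServerRoot: "/etc/apache2"
EOF
}

# vhost_for_host HOST   (reads `apachectl -S` output on stdin)
# Prints "file:line" of the vhost that serves a request for HOST.
# Matching is case-insensitive and covers ServerName ("namevhost") and
# ServerAlias ("alias") lines; when nothing matches, Apache falls back to
# the default server of the address:port block.
# Simplification: assumes a single address:port block, as in the sample.
vhost_for_host() {
  awk -v want="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
    $1 == "default" && $2 == "server" { def = $4 }
    $1 == "port" && $3 == "namevhost" {
      cur = $5
      if (hit == "" && tolower($4) == want) hit = cur
    }
    $1 == "alias" && hit == "" && tolower($2) == want { hit = cur }
    END {
      loc = (hit != "") ? hit : def
      gsub(/[()]/, "", loc)
      print loc
    }'
}

# explain HOST: one-line diagnosis against the sample dump.
explain() {
  loc=$(sample_vhost_dump | vhost_for_host "$1")
  case "$loc" in
    */pf.conf:*) echo "$1 -> $loc (Phishing Frenzy vhost)" ;;
    *)           echo "$1 -> $loc (default site, not pf.conf)" ;;
  esac
}

# On a live host:
#   apachectl -S 2>/dev/null | vhost_for_host phishing-frenzy.local
```

Browsing to the server by IP address or by `localhost` resolves to the default site, which matches the default page reported earlier in the thread.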

rdburrus commented 8 years ago

Now I am back to the browser displaying the files/folders located in the public folder.



zeknox commented 8 years ago

passenger is not rendering the rails portion of the app.

rdburrus commented 8 years ago

Any thoughts on how to fix that? I am a little out of my element on this stuff so I really appreciate all your help! I am a Windows guy and don’t do much with Linux.



zeknox commented 8 years ago

Likely missing the appropriate lines listed after the passenger install that should have been placed in the /etc/apache2/apache.conf file.

This is also documented on the website: http://phishingfrenzy.com/resources/troubleshooting

rdburrus commented 8 years ago

I completed all those lines in the instructions. Below is what I added to the end of my apache2.conf file. Did you mention something the other day about maybe needing to comment out the top 4 lines of the pf.conf file?

  LoadModule passenger_module /usr/local/rvm/gems/ruby-2.1.5/gems/passenger-5.0.21/buildout/apache2/mod_passenger.so
  PassengerRoot /usr/local/rvm/gems/ruby-2.1.5/gems/passenger-5.0.21
  PassengerDefaultRuby /usr/local/rvm/gems/ruby-2.1.5/wrappers/ruby


zeknox commented 8 years ago

Yes, comment out the top passenger lines in pf.conf and restart apache to test.

rdburrus commented 8 years ago

I am now getting this error.

Mysql2::Error Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)

Rails.root: /var/www/phishing-frenzy

Application Trace | Framework Trace | Full Trace

Request

Parameters:

None



zeknox commented 8 years ago

Your mysql service is not running

rdburrus commented 8 years ago

It is working now! Thanks a million! How do I get the Apache and mysql to start automatically?



zeknox commented 8 years ago

That's more of a Google question per your OS.

rdburrus commented 8 years ago

Another (hopefully quick) question on the Phishing Frenzy setup. I am creating a new campaign and trying to figure out what to enter for the Phishing URL and the FQDN. What do I put in these to send to the correct sites? For instance, if I do a LinkedIn campaign how do I send the traffic to the LinkedIn cloned site?

zeknox commented 8 years ago

You are likely going to need to purchase and own a domain. You will likely need to configure public DNS to point to your PF public IP address. This way when you phish someone, they can resolve the FQDN to the IP address of your PF box and get navigated to the phishing site.

rdburrus commented 8 years ago

I have already done this. Do I just need to create A records to direct campaigns to the correct sites? For instance create linkedin.mydomain.com and intel.mydomain.com?



zeknox commented 8 years ago

Yes, that is correct. Another easy solution is to create a wildcard A record. For example send every single *.domain.com -> PF IP and then this way you don't need to create a new A record every time.

DNS will resolve *.domain.com and the campaign will be configured with an FQDN and serve up the appropriate website. VHOSTS FTW!
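An added example, not part of the original thread or the project's code: a simplified Ruby model of name-based virtual host selection, showing that a wildcard A record only gets the request to the server, and the Host header then decides which site answers. The hostnames, paths and helper names are constructed for illustration; a name that matches no vhost falls through to the first-listed site.

```ruby
# Added illustration (not Phishing Frenzy or Apache code): a simplified model of
# how name-based virtual hosting picks a site from the Host header.
# All hostnames and paths are constructed sample values.
VHost = Struct.new(:server_name, :aliases, :docroot)

# Vhosts in load order; the first one doubles as the fallback site.
VHOSTS = [
  VHost.new("default.example.test", [], "/var/www/html"),
  VHost.new("portal.example.test", [], "/var/www/sites/portal"),
  VHost.new("mail.example.test", ["webmail.example.test", "*.mail.example.test"],
            "/var/www/sites/mail")
].freeze

# Lower-case the Host header and drop any port and trailing dot.
def normalize_host(header)
  header.to_s.strip.downcase.sub(/:\d+\z/, "").chomp(".")
end

# ServerAlias entries may use shell-style wildcards; ServerName is literal.
def name_matches?(vhost, host)
  return true if vhost.server_name.downcase == host
  vhost.aliases.any? { |a| File.fnmatch?(a.downcase, host, File::FNM_DOTMATCH) }
end

# First vhost whose name matches wins; with no match the first-listed
# vhost answers, regardless of what DNS resolved.
def select_vhost(vhosts, host_header)
  host = normalize_host(host_header)
  hit = vhosts.find { |v| name_matches?(v, host) }
  { host: host, matched: !hit.nil?, docroot: (hit || vhosts.first).docroot }
end

# Every name below would resolve to the same IP under a wildcard A record.
def demo
  ["portal.example.test", "Portal.Example.Test:80", "a.mail.example.test",
   "typo.example.test"].map { |h| select_vhost(VHOSTS, h) }
end

demo.each do |r|
  note = r[:matched] ? "matched" : "no vhost, fallback"
  puts format("%-24s -> %-22s (%s)", r[:host], r[:docroot], note)
end
```
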

rdburrus commented 8 years ago

Got that working. I am trying to run the Sidekiq command “bundle exec sidekiq -C config/sidekiq.yml” and I get the error “Could not locate Gemfile”.


rdburrus commented 8 years ago

I am trying to run the Sidekiq command “bundle exec sidekiq -C config/sidekiq.yml” and I get the error “Could not locate Gemfile”.


zeknox commented 8 years ago

Navigate to the proper directory where the Gemfile is located?

/var/www/phishing-frenzy/

rdburrus commented 8 years ago

Everything appears to be running now. The issue I am experiencing now is the links are not working. I have created a campaign and it launches and sends the emails just fine. When I click on the link in the email it just takes me to an Apache2 Debian Default page and not to the cloned site. How do I specify what cloned site gets opened when the link is clicked?


rdburrus commented 8 years ago

I think I finally got the sites loading correctly. However, it is not tracking link clicks and passwords entered. How do I get this to work?


zeknox commented 8 years ago

Please read the docs before posting: http://phishingfrenzy.com/resources/troubleshooting