TzuSec.com

Cybersecurity Demystified

Tag: phishing

How to run Gophish as a systemd service

Posted on by Rickard

Are you running gophish straight from shell and want to make sure to not close the application by mistake during a phishing assessment? Or maybe that was what led you to this article? No worries, in this article I will show you how easy it is to run it as a service with systemd instead.

If you haven’t heard about systemd before it’s simply a very popular tool used to manage services on Linux systems. A systemd service is a script that runs a specific program or command. This script is managed by systemd and can be configured to start automatically at boot time if you like.

Step-by-step guide:

I will now describe the simple steps that you need to take to create and then manage the service with systemctl:

  1. Create the service file that will tell systemd how to manage our gophish service. We create the file by opening up a new file with the text editor of your choice

    sudo vim /etc/systemd/system/gophish.service

  2. Now it’s time to enter the following text into the new file and then save it, replace WorkingDirectory and ExecStart with the location where you installed gophish:

    [Unit]
    Description=gophish-service

    [Service]
    Type=simple
    WorkingDirectory=/opt/gophish/
    ExecStart=/opt/gophish/gophish

    [Install]
    WantedBy=multi-user.target

  3. Now you want to reload the systemd manager configuration

    sudo systemctl daemon-reload

  4. Now we are ready to start the service and then make sure that the service is started:

    sudo systemctl start gophish
    sudo systemctl status gophish

  5. Now the service is running. If you want to stop the service you can simply just run:

    sudo systemctl stop gophish

  6. If you want to start the service automatically after each reboot of the machine you run:

    sudo systemctl enable gophish

It’s as simple as that. I hope this guide was helpful for you.

//Rickard Carlsson

Don’t get phished this holiday season

Posted on by Rickard
phishing during holiday season

Holiday season is coming closer and I would like to take this opportunity to discuss phishing since the amount of phishing attacks increases a lot during holiday season. According to Zscaler the amount of phishing attacks increased with 400% from October to November this year as Black Friday and Cyber Monday came closer.

Phishing, which is a type of social engineering, is based upon exploiting people’s feelings. During shopping-holidays like Black Friday and Cyber Monday but also during Christmas people are more vulnerable. Phishing campaigns are designed based on the holiday. During shopping holidays, it is very common with emails or texts that contains:

  • Fake Amazon Gift Cards.
  • Fake login portals to Paypal and other payment sites.
  • Scams related to other shopping or shipmen companies like Postnord or DHL.

During other holidays like Christmas and Easter it’s more common with greetings with bad URLs included. It can for example be a Merry Christmas email with a link to malicious site. It is also common with emails where the sender wishes you a merry Christmas and tells you that they have donated money to charity and that you can click on the link to read more. When people get these kinds of emails and like what they read they have already lowered the guard and it’s much more likely they will click on a unknown malicious link.

It’s crucial to always be vigilant and know how to distinguish phishing emails from legitimate ones, especially since 94% of all malware are delivered via email according to Verizon. I came across a poster from LogRythm a few years ago with a top ten list for how to spot and handle a phishing email and it’s still viable.

LogRhytms top ten things to watch in phishing emails

I recommend you to think about these tips when you get an email and make sure to always keep the guard up when it comes to emails.

Thanks for reading,
/Rickard

Copyright © 2022