Skip to content

Getting Started

Spencer McIntyre edited this page Sep 20, 2019 · 11 revisions

Installing King Phisher

See the INSTALL file for instructions on setting up both the King Phisher client and server. Windows executables are available for the King Phisher Client from the GitHub releases page.

Post Install

After King Phisher has been installed, the server must be started before the client can connect. The King Phisher client connects over SSH to the server for communication. The SSH service must be installed, configured and started independently of the provided King Phisher install script. When the client is started it will prompt the user for credentials. These credentials are the same as the user would use to authenticate to the server using SSH. See the ssh keyed authentication section for details on how the client can authenticate with SSH keys.

Database

The server needs to be configured with a database connection which is used to store campaign information. Starting in version 0.1.6, postgresql is the recommended backend. See the Database Wiki Page for more details.

SMTP Server

In order for the King Phisher client to send emails it needs to be configured with an SMTP server. This SMTP server is often either an open relay that the client can connect to or another SMTP server that is can forward messages which typically requires the user to authenticate. See the Public SMTP Servers page for connections configuration details for common public SMTP servers. If an SMTP server requires authentication, then the Username field within the SMTP tab under Edit > Preferences needs to be specified. When the sending operation starts, the user will be prompted to enter their password.

It is recommended that a private open relay be installed and used for this purpose. The King Phisher client can be configured to connect to a private SMTP server by using SSH port forwarding.

The SMTP server that the King Phisher client connects to can be a different system than the King Phisher server. The two systems and connections are managed independently from each other and while the SMTP server can be installed on the same system as the King Phisher server, it is not necessary to do so.

Connecting To An SMTP Server Over SSH

If the client has enabled the "Tunnel Over SSH" option in the configuration dialog, then the SMTP server that is specified will be an IP address or host name that will be connected to from the SSH server. For example, if there is an SMTP open relay on smtp.king-phisher.lan which is only listening on the local interface, then the SSH server would be set to smtp.king-phisher.lan:22 and the SMTP server would be localhost:25.

Template Files

Template files for both messages and server pages can be found in the separate King Phisher Templates repository. Any contributions regarding templates should also be submitted via a pull request to the templates repository.