-
Notifications
You must be signed in to change notification settings - Fork 547
Getting Started
See the INSTALL file for instructions on setting up both the King Phisher client and server. Windows executables are available for the King Phisher Client from the GitHub releases page.
After King Phisher has been installed, the server must be started before the client can connect. The King Phisher client connects over SSH to the server for communication. The SSH service must be installed, configured and started independently of the provided King Phisher install script. When the client is started it will prompt the user for credentials. These credentials are the same as the user would use to authenticate to the server using SSH. See the ssh keyed authentication section for details on how the client can authenticate with SSH keys.
The server needs to be configured with a database connection which is used to store campaign information. Starting in version 0.1.6, postgresql is the recommended backend. See the Database Wiki Page for more details.
In order for the King Phisher client to send emails it needs to be configured
with an SMTP server. This SMTP server is often either an open relay that the
client can connect to or another SMTP server that is can forward messages which
typically requires the user to authenticate. See the
Public SMTP Servers page for connections configuration
details for common public SMTP servers. If an SMTP server requires
authentication, then the Username field within the SMTP tab under
Edit > Preferences
needs to be specified. When the sending operation starts,
the user will be prompted to enter their password.
It is recommended that a private open relay be installed and used for this purpose. The King Phisher client can be configured to connect to a private SMTP server by using SSH port forwarding.
The SMTP server that the King Phisher client connects to can be a different system than the King Phisher server. The two systems and connections are managed independently from each other and while the SMTP server can be installed on the same system as the King Phisher server, it is not necessary to do so.
If the client has enabled the "Tunnel Over SSH" option in the configuration dialog, then the SMTP server that is specified will be an IP address or host name that will be connected to from the SSH server. For example, if there is an SMTP open relay on smtp.king-phisher.lan which is only listening on the local interface, then the SSH server would be set to smtp.king-phisher.lan:22 and the SMTP server would be localhost:25.
Template files for both messages and server pages can be found in the separate King Phisher Templates repository. Any contributions regarding templates should also be submitted via a pull request to the templates repository.