Akwụkwọ Gophish
navigation
Otu esi edobe sava email SMTP na-arụ ọrụ maka nnwale Phish na 2022
Ị na-atụle ịmepụta mkpọsa nnwale phish nke gị n'afọ a?
Injinia mmekọrịta etolitela bụrụ ihe iyi egwu ka ukwuu na 2022 ma ị na-eche ụzọ ị ga-esi merie ya.
Ma mbelata nke ụlọ ọrụ etinyegoro emeela ka nke a sie ike karịa mgbe ọ bụla.
Iji malite ị ga-achọ ihe ole na ole.
Ị chọrọ sava email SMTP bara uru.
Nke a nwere ike bụrụ ihe ịma aka ebe ọ bụ na ọtụtụ ndị na-eweta igwe ojii na-egbochi okporo ụzọ SMTP.
Ị chọkwara dashboard iji soro, wee nyochaa nchoputa injinịa mmekọrịta gị.
Nke a ga-enye gị ohere ilele ọganihu ma kọọrọ ndị otu ndị isi.
Ịtọlite ndị a nwere ike were ọrụ izu ole na ole gbakwunyere ule, na-agbakwụnye ihe ruru puku kwuru puku dollar na ọrụ.
Ọ bụ ya mere anyị ji mepụta ntuziaka a iji gosi gị otu ị nwere ike isi melite sava SMTP na ndị na-enye ndị na-enye ọrụ na-adịghị egbochi SMTP.
N'ọgwụgwụ ntuziaka a, ị ga-ama otu esi ahazi ma chekwaa ihe nkesa ahụ ka o wee nwee ike izipu ozi.
Na mgbakwunye, ị ga-ama ka esi kpo oku adreesị IP nke ihe nkesa na-eji ka ozi na-ebuga.
Anyị ga-eji ngwa akpọrọ Poste.io iji nyere aka na nhazi nkesa ozi.
Anyị ga-egosikwa gị otu esi edobe dashboard phishing nke ị nwere ike iji soro na nyochaa nchọta gị.
Anyị nwere dashboard na-eji GoPhish na Ọrụ Weebụ Amazon dị njikere ịmalite.
Ị nwere ike ịgbanwuo ma gbanyụọ dashboard a ka ịchọrọ ijikwa ma nyochaa mkpọsa nyocha phish gị.
Otu esi edobe sava SMTP gị
Mbụ ị ga-achọ ịnweta VPS n'aka onye na-eweta na-enye ohere SMTP okporo ụzọ.
Nke ahụ pụtara Contabo, Hetzner, LunaNode, BuyVM, ma ọ bụ Scaleway.
Anyị ga-eji Contabo n'ihe atụ a.
- Mepụta akaụntụ na Contabo nwere opekata mpe 4GB nke RAM yana 80 GB nke ohere nchekwa.
pịa ebe a imepee Contabo VM site na ahọpụtara ntọala.
- Ị nwere ike ịhọrọ okwu dabara adaba maka ojiji gị.
Ndị otu anyị na-eji okwu kwa ọnwa ọ gwụla ma anyị nwere nkwekọrịta ogologo oge maka nnwale phish.
- Ọzọ ị ga-achọ ịhọrọ mpaghara kacha nso na nzukọ ị ga-anwale.
N'okwu a, m ga-eji US East na Contabo.
- VPS ị na-eji maka ịnabata ihe nkesa SMTP gị kwesịrị inwe opekata mpe 4 GB nke RAM yana opekata mpe 80GB nke ohere nchekwa.
- Mgbe ahụ ị ga-achọ ịhọrọ Sistemụ arụmọrụ, họrọ Ubuntu 20.04 iji hụ na ndakọrịta.
6. Họrọ paswọọdụ ị ga-eji maka ịnweta ihe nkesa gị site na SSH. Ị nwere ike ịmepụta paswọọdụ siri ike ebe a: https://passwordsgenerator.net/
Jide n'aka na-echekwa nke a na paswọọdụ njikwa dị ka LastPass maka n'ọdịnihu akwụkwọ.
- Gbaa mbọ hụ na ekenyela gị opekata mpe otu adreesị IP ọha!
8. Ị nwere ike hapụ ihe ndabara maka Addons na Server Quantity na Contabo.
- Mgbe nke ahụ gasịrị, ị ga-abanye ma ọ bụ mepụta akaụntụ.
- Ozugbo ịbanye, kwụọ ụgwọ ọnwa maka ọrụ ahụ.
- Mgbe ịkwụchara ụgwọ, ị ga-enweta ozi nkwenye ozugbo edobere ihe nkesa gị.
- Ọzọ, anyị ga-abanye na sava wee malite ịtọlite sava SMTP gị site na iji Poste.io.
Ị ga-eji aha njirimara (mgbọrọgwụ) na paswọọdụ ị mepụtara na mbụ iji banye na nkesa site na SSH.
13. Ị nwere ike jikọọ na mmasị SSH ahịa, dị ka MobaXTerm ma ọ bụ PutTY.
Ozugbo ịbanye na sava ahụ, ị ga-achọ ịnyagharịa na Poste.io wee mee usoro ndị a:
- Wụnye Docker Engine na nkesa Ubuntu gị site na iji ntuziaka na edemede ngwa ngwa ebe a:
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
- Ịnwekwara ike ịwụnye Docker Engine site na iji iwu ndị a ma ọ bụrụ na edemede quickstart anaghị arụ ọrụ maka nkesa Ubuntu gị:
sudo apt-nweta mmelite
sudo apt-nweta install \
akwụkwọ ikike \
curl \
gnupg \
lsb-nhapụ
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg -dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
ikwughachi \
"deb [arch = $ (dpkg -print-architecture) bịanyere aka na =/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) kwụsiri ike" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-nweta mmelite
sudo apt-nweta tinye docker-ce docker-ce-cli containerd.io docker-compose-plugin
- Nyochaa Docker Engine na-eji iwu na-esonụ nke kwesịrị ịpụta Hello World wee mechie akpa Docker:
sudo docker ọsọ ndewo-ụwa
17. Download na-agba ọsọ Dockerfile si Poste.io si https://poste.io/doc/getting-started iji iwu dị n'okpuru.
$ docker ọsọ \
-net = onye ọbịa \
-e TZ=America/New_York
-v /data-dir/data:/data \
-aha "mailserver" \
-h "mail.yourphishdomain.com"
-t analog / poste.io
Enwere mgbanwe ole na ole ị ga-achọ ime na iwu a:
- -e TZ=America/New_York Tọọ mpaghara oge maka oge ụbọchị ziri ezi
- -v /your-data-dir/data:/data Na-ebuli ndekọ data sitere na sistemụ nnabata. Ebe nchekwa data onye ọrụ, ozi-e, ndekọ, niile ga-ejedebe na ndekọ a maka nkwado ndabere dị mfe.
- - aha "ihe nkesa ozi" Gbaa poste.io dị ka akpa nwere aha akọwara
- -h "mail.yourphishdomain.com" Aha nnabata maka ihe nkesa ozi phish gị
Poste.io ga-ahụ maka ịhazi usoro nchekwa kachasị ọhụrụ, TLS, SPF, DKIM, na DMARC n'aha gị.
- Jiri ngwa na-ekpo ọkụ IP ma ọ dịkarịa ala awa 72 tupu mkpọsa nyocha phish.
Lemlist bụ $29/mo, na WarmupInbox bụ $9/mo, rụtụ aka na IP Warming SOP maka nkọwa.
Biko rụtụ aka na ntuziaka “Otu esi akpọọ oku IP” maka ntụle ikpo ọkụ IP.
SOP: Otu esi kpoo IP maka sava email ọhụrụ
- Sochie aha IP site na iji poste.io/dnsbl, mxtoolbox.com/blacklists.aspx ma ọ bụ dnsbl.info.
20. Nyochaa ihe nkesa ozi na ndebiri email site na iji mail-tester.com iji melite nnyefe.
Otu esi ahazi dashboard nnwale Phish gị
21. Mepụta ma ọ bụ banye na Akaụntụ AWS gị
22. Gaa na ndepụta GoPhish ahịa
23. Malite nnwale n'efu na ndepụta ahịa
24. Nabata usoro na inye ihe nkesa GoPhish n'ime akaụntụ AWS gị. Ọ bụrụ na ị na-emepụta akaụntụ ọhụrụ, Amazon ga-enyocha akaụntụ gị wee zite gị nkwenye site na email.
25. Jiri aha njirimara na ihe atụ gị banye na dashboard GoPhish gị.
26. Hazie profaịlụ izipu gị ka ijiri ihe nkesa Poste.io SMTP ọhụrụ gị na Contabo.
Nkọwa njikọ SMTP
- onye ọbịa: mail.yourphishdomain.com
- ọdụ ụgbọ mmiri: 465 (TLS chọrọ), 587 ọzọ (STARTTLS chọrọ)
- achọrọ nyocha
- aha njirimara bụ adreesị ozi-e dum username@example.com
- 27. Hazie mkpọsa mbụ gị.
- 28. Zipụ mkpọsa mbụ gị
Ị nwere ajụjụ? Ị nwere ike ịhụ akwụkwọ GoPhish anyị ebe a, ma ọ bụ kpọtụrụ anyị maka enyemaka na support@hailbytes.com
AJỤJỤ AJỤJỤ BAỊBỤL
- onye ọbịa: mail.yourphishdomain.com
- ọdụ ụgbọ mmiri: 465 (TLS chọrọ), 587 ọzọ (STARTTLS chọrọ)
- achọrọ nyocha
- aha njirimara bụ adreesị ozi-e dum username@example.com
- 27. Hazie mkpọsa mbụ gị.
- 28. Zipụ mkpọsa mbụ gị
Ị nwere ajụjụ? Ị nwere ike ịhụ akwụkwọ GoPhish anyị ebe a, ma ọ bụ kpọtụrụ anyị maka enyemaka na support@hailbytes.com