The King Phisher version 1.8 has arrived with the following changes:
- Warn Python 2.7 users that this is the last release Python 2.7 will be supported
- The Windows MSI build is now in Python 3.4
- King Phisher server now supports Red Hat Server 7
- King Phisher client support for OS X by using Docker
- Support for issuing certificates with acme while the server is running
- Python wrapper tool for certbot to make the process of issuing certificates easier
- Multiple Bug Fixes, and tweaks to make things run smoother
King Phisher version 1.8 will be the last release supporting Python 2.7. To have King Phisher installed and running in Python 3, just uninstall and reinstall with the latest version of the installation script. The Windows client is now built in Python 3, increasing the stability and performance of the Windows client. Windows users will notice that the new build results in a more responsive interface.
The King Phisher server now supports Red Hat Server 7. The installation is easy as ever for any supported operating system.
Thank you to Alex Cline for contributing to King Phisher. His contribution now allows the King Phisher client to run on OS X by utilizing Docker. Extensive information on getting this feature up and running, is located in the tools/mac-client/README.md file.
Generation of SSL Certificates is now easier through a Python wrapper for certbot located in the King Phishers tools directory. This allows the generation of Let’s Encypt certificates while the King Phisher server is running. To utilize the certbot_wrapper.py, first install certbot, then navigate to the King Phisher folder and run
tools/certbot_wrapper.py -c server_config.yml yourdomainnamehere.com. Wait for the script to complete and copy the specified lines from the output into the server_config.yml file under the ssl_hosts: section. Restart the King Phisher Server, and presto the site now has a valid certificate. No need to stop the server first to run the utility any more.
Updates to the King Phisher Plugin Repository:
- Phishery Client Plugin to inject Template URLS into DOCX files
- SFTP Client now has the capability to edit files
- Bug Fixes to DMARC Plugin
- Bug Fixes in the SFTP Client Plugin
The King Phisher SFTP client now has the capability to edit text files. This functionality makes it extremely easy to update website templates. No more needing to download, edit, then FTP the changes back up. Add the updated SFTP client package to the client plugin path and enable it like other plugins using the plugin manager window. Launch the SFTP Client through
Tools > SFTP Client. Once the SFTP client has started right, click on the file and select edit. Make changes in the new tab that opens and save your changes, its that easy. This editor is also complete with server side Jinja and HTML autocomplete suggestions.
Interested in having a private King Phisher server instance hosted for your organization? Check out SecureState’s Phishing Self Service for details.