-
Notifications
You must be signed in to change notification settings - Fork 549
Updating King Phisher
King Phisher uses the git version control system which is also the preferred method for updating. The following example will update users in between stable releases.
Note: If everything is up to date, the git pull
command will exit with the message "Already up-to-date." and no further action is required.
From the directory where King Phisher is installed:
[user@localhost king-phisher]$ git fetch origin
[user@localhost king-phisher]$ git pull
[user@localhost king-phisher]$ sudo tools/install.sh --update
Note that the tools/install.sh
script is necessary to install any new dependencies (both OS and Python packages).
The following is an excerpt from an Ansible playbook which can be used to update a King Phisher installation.
- name: Update king-phisher
hosts: king_phisher_servers
become: yes
become_user: root
vars:
date_timestamp: "{{ lookup('pipe', 'date +%Y_%m_%d') }}"
db_backup_filename: "kp-db-{{ date_timestamp }}.gz"
tasks:
# skip this if you don't have plugins installed
- name: Update the king-phisher-plugins source files
git: dest=/opt/king-phisher-plugins force=yes repo=https://github.com/securestate/king-phisher-plugins.git
- name: Update the king-phisher source files
git: dest=/opt/king-phisher force=yes repo=https://github.com/securestate/king-phisher.git version=dev
register: git_clone
- name: Synchronize king-phisher requirements
command: /opt/king-phisher/tools/install.sh --update
when: git_clone.changed
- name: Restart the king-phisher service
service: name=king-phisher state=restarted
when: git_clone.changed
- name: Backup the king-phisher database
become: yes
become_user: postgres
shell: pg_dump -Fc king_phisher | gzip > /tmp/{{ db_backup_filename }}
args:
creates: /tmp/{{ db_backup_filename }}
From the directory where King Phisher is installed:
[user@localhost king-phisher]$ git fetch origin
[user@localhost king-phisher]$ git pull
[user@localhost king-phisher]$ sudo python3 -m pip install -r requirements.txt
For best results, both the client and server should be updated at the same time to ensure RPC API compatibility. If only one is updated, the client may display a dialog that the versions are incompatible if a major change has been introduced. Changes which break version compatibility exist but are not very common.
After updating the server component, additional settings may be required in the
configuration. The current configuration file can be validated using the command
sudo ./KingPhisherServer --verify-config server_config.yml
. Required options
that are missing from the configuration will be listed in the output. Examples
of the required options can be found in the template server configuration
file. Edit the existing configuration file to add the missing settings.
The server uses the MaxMind GeoIP database for location lookups. This database is not automatically updated and needs to be done manually to ensure that the server has the latest and most accurate information. It is recommended to use a GeoIP database that is no older than 4 to 8 weeks before running a new campaign.
To update the GeoIP database:
# stop the King Phisher server (if it is running)
[user@localhost king-phisher]$ sudo systemctl stop king-phisher.service
# run the server with the `--update-geoip-db` option
[user@localhost king-phisher]$ sudo ./KingPhisherServer --update-geoip-db server_config.yml
# restart the server with
[user@localhost king-phisher]$ sudo systemctl start king-phisher.service
King Phisher releases it's latest stable versions to the master branch however this is done relatively infrequently to ensure stability. Public changes and updates are generally staged in the dev branch for a period of testing. Users that are interested in beta-testing the latest features, the dev branch should be checked out instead. Any issues found with the dev branch should be reported by opening an issue.
Due to the nature of the dev branch being used as a staging area for public testing, it is likely to have minor issues. Please be patient as they are addressed. Thoroughly testing King Phisher is an important part of releasing stable versions.
Thank you for beta testing!
The procedure to checkout the dev branch for the first time is:
[user@localhost king-phisher]$ git fetch origin
[user@localhost king-phisher]$ git checkout -b dev origin/dev
# go to steps from "How To Update From Git"
After the dev branch has been checked out, it can be updated using the same procedure described in the updating from git section.
The changes in the beta branch are generally merged into the master branch every 2 to 6 weeks.
The procedure to switch back to the master branch is:
[user@localhost king-phisher]$ git checkout master
# at this point the master branch is in use but needs to be updated
[user@localhost king-phisher]$ git pull
# go to steps from "How To Update From Git"