phishing-frenzy icon indicating copy to clipboard operation
phishing-frenzy copied to clipboard

Published 20 hours ago verified publisher icon pentestgeek

Change vhost used for pixel tracking

Open fraf0 opened this issue 8 years ago • 3 comments

Hi,

The tracking pixel is implemented on the pf vhost.

This have consequences :

  • The logs are in 2 different places (/var/log/apache2 and /var/www/phishing-frenzy/log).
  • The pixel tracking logs are not include in the "View raw Apache logs from campaign" and "download raw Apache logs form campaign".
  • The pf vhost must be exposed to the victims (on internet).

I think it would be better if the pixel tracking land on the phsihing vhost.

Ps : I work on the docker image.

Regards, fraf.

fraf0 avatar Sep 23 '16 12:09 fraf0

I think I implemented this a while ago in fork:

https://github.com/pentestgeek/phishing-frenzy/compare/master...Meatballs1:redirect_to_parent?expand=1

Meatballs1 avatar Sep 26 '16 21:09 Meatballs1

Thanks, I'll check this.

I'm not very easy with RubY/Ror/... :) If I change code in dev mode, how it is taken in account ? Idem in prod mode ?

Regards, fraf

fraf0 avatar Sep 30 '16 12:09 fraf0

Changes made in dev mode are instantly noticed since each request is loaded from the file. Production mode requires a restart of the application server to see any changes. This is because production mode will load everything into memory as part of the initialization process.

zeknox avatar Jan 05 '17 15:01 zeknox