Softpedia >Windows >Security >Security Related >King Phisher >  Changelog

King Phisher Changelog

What's new in King Phisher 1.14.0

Aug 2, 2019
  • Added the Message-ID MIME header to outgoing messages
  • Attempt SSH authentication with all agent-provided SSH keys
  • Deleted Pipfile.lock from repository to prevent hash issues between python interpreter versions
  • Add --three to pipenv install and pipenv --update startup procedures to force use of Python 3
  • Added server support for installing missing plugin requirements during initialization
  • Added asynchronous RPC methods to the client
  • Added GraphQL and database schema documentation
  • Changed Target URL to Web Server URL in Campaign Editor
  • Added the ability issue SSL Certificates through certbot

New in King Phisher 1.13.1 (Apr 20, 2019)

  • Fixed broken references to start_process
  • Fixed a KeyError when creating a campaign for the first time
  • Updated SQLAlchemy and Jinja2 libraries for security patches

New in King Phisher 1.13.0 (Apr 5, 2019)

  • Added support for logging MFA tokens with credentials
  • Added support for using regular expressions to validate credentials
  • Automatically try to install plugin dependencies with pip from PyPi
  • Added advanced, rule-based filtering support to the Campaign tabs
  • Added site template metadata
  • Site templates can now include a metadata file for describing their content
  • The Campaign Assistant will help select a target URL based on available templates

New in King Phisher 1.12.0 (Nov 8, 2018)

  • Added support for users to set their email address for campaign alerts via email
  • Added additional plugin metadata fields for reference URLs and category classifiers
  • Added additional documentation including an architecture overview for reference
  • Multiple improvements to the client plugin manager
  • There is now an option to update plugins in the menu
  • Plugins can ship with dedicated documentation in markdown files that will be displayed
  • The GUI no longer locks up while tasks like downloading plugins are taking place
  • Added the new fetch Jinja function and fromjson Jinja filter
  • Added campaign-alert-expired and campaign-expired server signals
  • Switched to using Pipenv to manage the environment and dependencies
  • MSI Build Hashes:

New in King Phisher 1.11.0 (Apr 13, 2018)

  • Updated to support matplotlib version 2.2.0
  • Removed docker server support
  • Multiple improvements to the installation script
  • Users can now specify a supported Linux distro when it is not automatically detected
  • The database connection string is kept to avoid PostgreSQL password resets
  • Added support for setting message UID character set options
  • Bumped the required minimum version of Python to 3.4 and GTK to 3.14
  • Update Windows build to use pygi-aio-3.24.1_rev1 PyGObjects
  • Multiple bug fixes.

New in King Phisher 1.10.0 (Mar 17, 2018)

  • Added a campaign-alert server signal for custom alert delivery mechanisms
  • Use GraphQL for loading data instead of the legacy table-based API
  • Support fault-tolerance when dispatching server signals
  • Allow a country code to be set in users' phone numbers
  • Visits will now be tracked if the landing page is any existing type
  • Multiple RPC Terminal improvements
  • Fix a bug regarding line wrapping due to the TERM environment variable
  • Use ipython when it's installed
  • Added %graphql and %graphql_file magic commands
  • Tweaks to the default MIME-encoded HTML message to reduce it's SpamAssassin score
  • Modified client signals to allow better API control
  • Added message-create and target-create for modifying the respective objects
  • Added message-send and target-send to allow skipping the message and target
  • Removed the send-message and send-target signals in favor of the new ones

New in King Phisher 1.9.0 (Nov 23, 2017)

  • Support resetting plugins options to their respective defaults
  • Moved Office 2007+ metadata removal to a new plugin
  • Added support for installing plugins from remote sources through the UI
  • Added timeout support for SPF DNS queries
  • Support for installing on Arch Linux
  • Multiple server improvements
  • Upgrade AdvancedHTTPServer to v2.0.11 to support async SSL handshakes
  • Support using an include directive in the server configuration file
  • Added a request-handle signal for custom HTTP request handlers
  • Removed address support from the server config in favor of addresses
  • Support login as an alias of the username parameter for credentials

New in King Phisher 1.8.0 (Jun 7, 2017)

  • Warn Python 2.7 user that this is the last release Python 2.7 will be supported
  • The Windows MSI Build is now in Python 3.4
  • Install script now supports Red Hat Server 7
  • Support the client on OS X by using Docker
  • Support for issuing certificates with acme while the server is running
  • Add a wrapping tool for certbot to make the process easier
  • Updated tools/cx_freeze.py to build the King Phisher client in Python 3.4
  • Updated documentation for the Windows build
  • Multiple Bug Fixes, and tweaks to make things run smoothe

New in King Phisher 1.7.1 (Apr 18, 2017)

  • Bug fix in the Windows build for HTTPS connections from the requests package

New in King Phisher 1.7.0 (Apr 5, 2017)

  • Better error messages for malformed server configuration files
  • Support for sending to targets via To / CC / BCC fields
  • New features for client and server plugins
  • Add comparison of "trained" statistics to the campaign comparison
  • Support for including and importing Jinja templates from relative paths
  • Support for including custom HTTP headers in server responses
  • New feature to import Campaigns from XML files
  • Support for emails address with longer top level domain names

New in King Phisher 1.6.0 (Feb 2, 2017)

  • Support negotiating STARTTLS with SMTP servers that support it
  • Support for real time event publishing to the client
  • Support for a new GraphQL API for more efficient data queries
  • More flexibility in configuring server logging
  • Add persistent storage for server plugin data
  • Add a Jinja function to check if a password is complex
  • Add client message-data-export and message-data-import signals
  • King Phisher now starts with Python3 by default
  • tools/install.sh now creates a backup of server_config.yml when present
  • MINOR BUG FIXES:
  • Minor CSS fixes
  • Special characters now display in the UI correctly

New in King Phisher 1.5.2 (Jan 26, 2017)

  • Minor bug fixes
  • Use Default SMS sender to fix SMS subscription with T-Mobile
  • Upgrade AHS to v2.0.6 to fix select polling
  • Corrected issue when attachment file is inaccessible
  • Fixed issue when message file directory is gone
  • Fixed server side encoding error with basic auth
  • Fixed TypeError handling while rendering templates
  • Fixed a unicode bug when processing targets csv
  • Fixed install.sh script for CentOS7 and python3
  • Fixed show exception dialog with Glib idle_add
  • Fixed a logic bug causing premature SMTP reconnects
  • Fixed Webkit-1 load_string Null error

New in King Phisher 1.5.1 (Jan 26, 2017)

  • Automated installation script improvements
  • Backup an existing server configuration file
  • Log warnings when the PostgreSQL user exists
  • Improve the Metasploit plugin for session notifications via SMS
  • Support exporting credentials for use with Metasploit's USERPASS_FILE option.

New in King Phisher 1.5.0 (Sep 23, 2016)

  • SPF button on GUI, for on demand SPF record checking
  • Additional packages included in Windows build for plugin support
  • Bug fixes:
  • Windows time zone issues fixed
  • dnspython support updated

New in King Phisher 1.4.0 (Aug 9, 2016)

  • Added additional Jinja variables for server pages
  • Upgraded to AdvancedHTTPServer version 2
  • Added support for binding to multiple interfaces
  • Added support for multiple SSL hostnames via SNI
  • Support for plugins in the server application
  • Campaign Comparison Tools
  • Added server signals for event subscriptions in plugins
  • Updated the style for GTK 3.20
  • Start to warn users about the impending Python 2.7 deprecation
  • Change to installing for Python 3
  • Added an uninstallation script

New in King Phisher 1.3.0 (Jun 14, 2016)

  • Added automatic setup of PostgreSQL database for the server
  • Server bug fixes when running on non-standard HTTP ports
  • Added completion to the messaged editor
  • Support for plugins in the client application
  • Added a client plugin to automatically check for updates
  • Added a client plugin to generate anonmous statistics
  • Added debug logging of parameters for key RPC methods
  • Lots of Python 3.x compatiblity fixes

New in King Phisher 1.2.0 (Jun 14, 2016)

  • SSH host key validation
  • Install script command line flags
  • Support for authenticating to SMTP servers
  • Style and compatibility changes for Kali

New in King Phisher 1.1.0 (Jun 14, 2016)

  • Added an option to send a message to a single target
  • Support for sending calendar invite messages
  • Added PostgreSQL setup to the installer
  • Support for exporting to Excel
  • Added a Jupyter notebook for interactive data analysis
  • Added additional campaign filtering options
  • Support for removal of metadata from Microsoft Office 2007+ documents

New in King Phisher 1.0.0 (Jun 14, 2016)

  • Moved templates to a dedicated separate repository
  • Added a custom theme for the client
  • Added support for two factor authentication with TOTP
  • Support for specifying an img style attribute for inline images in messages

New in King Phisher 0.3.0 (Jun 14, 2016)

  • Added a new campaign creation assistant
  • Support for expiring campaigns at a specified time
  • Track more details when messages are opened such as the IP address and User Agent
  • Support for tagging campaign types
  • Support for organizing campaigns by companies
  • Support for storing email recipients department name

New in King Phisher 0.2.1 (Jun 14, 2016)

  • Added syntax highlighting to the message edit tab
  • Technical documentation improvements, including documenting the REST API
  • Support reloading message templates when they change from an external editor
  • Support for pulling the client IP from a cookie set by an upstream proxy
  • Support for embedding training videos from YouTubeAdded a Metasploit plugin for using the REST API to send SMS messages
  • Support for exporting visit information to GeoJSON

New in King Phisher 0.2.0 (Jun 14, 2016)

  • Added additional graphs including maps when basemap is available
  • Added geolocation support
  • Made dashboard layout configurable
  • Support for cloning web pages
  • Support for installing on Fedora
  • Support for running the server with Docker

New in King Phisher 0.1.7 (Jun 14, 2016)

  • Added make_csrf_page function
  • Added server support for SSL
  • Support verifying the server configuration file
  • dded a desktop file and icon for the client GUI
  • Added support for operating on multiple rows in the client's campaign tables
  • Support starting an external SFTP application from the client
  • Tweaked miscellaneous features to scale for larger campaigns (35k+ messages)
  • Updated AdvancedHTTPServer to version 0.4.2 which supports Python 3
  • Added integration for checking Sender Policy Framework (SPF) records

New in King Phisher 0.1.6 (Jun 14, 2016)

  • Migrated to SQLAlchemy backend (SQLite will no longer be supported for database upgrades) ◦Added support for PostgreSQL as a DBMS backend
  • Added additional documentation to the wiki
  • Enhanced error handling and UI documentation for a better user experience
  • Support for quickly adding common dates and times in the message editor

New in King Phisher 0.1.5 (Jun 14, 2016)

  • Added support for inline images in emails
  • Import and export support for message configurations
  • Highlight the current campaign in the selection dialog