Warhorse Config
Example phishing configuration file that can be used for Warhorse
warhorse:
general:
op_number: "" #To match for tracking purposes
user_tag: ''
ttl: "2022-12-30" # defines how long the DO will last
ntp_timezone: 'America/New_York' # Time Zone Link
vault_key: '' #add vault key
dns:
provider: "digitalocean" #Provider for DNS Settings
op_tld: "" # get a domain and add it here example left here
op_domain_name: "" #this is going to be your operational subdomain
vm:
- name: "phish" #name of the vm
provider: "digitalocean" #Provider for the VM
http_proxy: "nginx" #Front End Proxy to proxy pass all requests to backend
gophish:
enabled: true
site_hostname: "gpredirect"
admin_hostname: "gpadmin" #this will be appended as a subdomain for gophish admin page for nginx
white_list_ip: "" #Allow List only the appropriate IP to access the phishing server
firewall:
enabled: true
golang:
enabled: true
evilginx2:
enabled: true
evilginx_domain: "azureedge.net"
redirect_domain: "azure.com"
nginx_hostnames:
- "-www" #nginx host name needs to match Azure CDN
- "-login"
o365:
www_hostname: "-www" # these have to be unique for Azure
login_hostname: "-login"
lures:
- name: dontphishme #Name of your evilginx2 lure
path: "/dontphishme" #define the path for evilginx2 which will be added to your CDN
phishlet: "o365"
redirect_url: https://www.azure.com
phishlets:
- "o365"
- "outlook"
cdn:
- name: "www"
provider: "azure"
hostname: "-www"
- name: "login"
provider: "azure"
hostname: "-login"
backup:
enabled: false
archive_zip: false
terraform:
state_bucket_enabled: true
state_bucket_name: "bucket_name"
state_bucket_key: "" # bucket key
state_bucket_region: "us-east-1"
state_bucket_endpoint: "https://nyc3.digitaloceanspaces.com"
bucket_access_key: "" #access key
bucket_secret_key: "" #secret key
digitalocean_token: "" #api key
users:
- username: 'ssh_user'
name: 'SSH User'
authorized_keys:
- "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
shell: '/usr/bin/zsh'
