gophish-ruby 0.2.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ba7f348fc87e10ad752fe1b59ce329357ca0948dc180b5e5912210fc55a82a44
-  data.tar.gz: bbfd2bad8612b3814f04820c9bcb3e13cf21352b2712e13c85a2cce37c3e4cf5
+  metadata.gz: aadeeb636e448907a3b5f3e33427c19373d903c52f8961b99b28265fe94872de
+  data.tar.gz: 9ef3e492ec39d8ce16327018358c0d873c70ebc20fb8064d4909d9ec66a9a3f4
 SHA512:
-  metadata.gz: 697688a9381c1f53c4174e0d3922b4effc5d582dbd56dd0c71d40370126fb287e143ea7ee18fab7856cff52fc19d16ab6514baa04ca8759a3a8e6997cece2b97
-  data.tar.gz: 48965fe82e77390d55df53cbc9c763edc411e055dadcd51fd7852dba49f17ac519b48a7986a021be2b7eb7ca40153a3effee4d5b999887fa400052f31a437d95
+  metadata.gz: a2678d8b475ef9c5c970a625f9b294ed95afde10781f5251cee81160240a80864654158887fa2df6a7b1ef17c6e7a325a4a3e051b536b72942f4f8123018ee9a
+  data.tar.gz: 94b1ae168de255a5e8d1154285b6b786070a1271b689965e503d5c87a6339ed959ce2df6c41a78fb5e87da245b5bc49961a29debc3a11b67b36e92722cee43ca

data/CHANGELOG.md

@@ -7,10 +7,22 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.3.0] - 2025-01-15
+
 ### Added
+
+- **Page Management System**
+  - `Gophish::Page` class for managing landing pages in phishing campaigns
+  - Full CRUD operations for pages (create, read, update, delete)
+  - Support for HTML content with credential capture capabilities
+  - Comprehensive validations requiring page name and HTML content
+  - Site import functionality with `Page.import_site` class method
+  - Option to include resources (CSS, JS, images) during site import
+  - Built-in methods for checking page configuration: `#captures_credentials?`, `#captures_passwords?`, `#has_redirect?`
+
 - **Template Management System**
   - `Gophish::Template` class for managing email templates
-  - Full CRUD operations for templates (create, read, update, delete) 
+  - Full CRUD operations for templates (create, read, update, delete)
   - Support for HTML and plain text email content
   - Comprehensive validations requiring template name and content
   - Email import functionality with `Template.import_email` class method
@@ -32,6 +44,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Enhanced README with detailed usage instructions and configuration examples
 
 ### Changed
+
 - **Breaking Change**: Replaced custom `@changed_attributes` system with ActiveModel::Dirty
 - Updated Base class to use `define_attribute_methods` for proper dirty tracking
 - Modified `#update_record` to include `id` in update payload for proper API calls
@@ -39,6 +52,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Enhanced CSV import validation with better error reporting
 
 ### Fixed
+
 - Console script requiring wrong file name (`gophish_ruby` → `gophish-ruby`)
 - Spec helper requiring wrong file name for consistent naming
 - Corrected require statement in main library file for Template class
@@ -46,6 +60,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [0.1.0] - 2025-08-29
 
 ### Added
+
 - **Core SDK Foundation**
   - `Gophish::Configuration` class for managing API credentials and settings
   - `Gophish::Base` abstract class providing common CRUD operations
@@ -92,12 +107,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - Rake tasks for testing and quality checks
 
 ### Technical Details
+
 - **Dependencies**: HTTParty 0.23.1, ActiveSupport/ActiveModel/ActiveRecord 8.0+
 - **Ruby Version**: Requires Ruby >= 3.1.0
 - **Architecture**: Modular design with inheritance-based API resources
 - **Security**: Built-in API key authentication for all requests
 
 ### Development Infrastructure
+
 - Bundler gem management with proper gemspec configuration
 - GitHub integration with proper repository URLs and metadata
 - MIT license for open source distribution

data/README.md

@@ -13,6 +13,8 @@ A Ruby SDK for the [Gophish](https://getgophish.com/) phishing simulation platfo
 - **CSV Import Support**: Easy bulk import of targets from CSV files
 - **Email Template Management**: Create, modify, and manage email templates with attachment support
 - **Email Import**: Import existing emails and convert them to templates
+- **Site Import**: Import landing pages directly from existing websites
+- **Page Management**: Create, modify, and manage landing pages with credential capture
 - **SSL Configuration**: Configurable SSL verification for development environments
 - **Debug Support**: Built-in debugging capabilities for API interactions
 - **Change Tracking**: Automatic tracking of attribute changes with ActiveModel::Dirty
@@ -301,6 +303,174 @@ puts group.attribute_changed?(:name)  # => true
 puts group.attribute_was(:name)  # => "Original Name"
 ```
 
+### Pages Management
+
+Pages represent landing pages that targets will see when they click on phishing links in your campaigns.
+
+#### Creating a Page
+
+```ruby
+# Create a simple landing page
+page = Gophish::Page.new(
+  name: "Microsoft Login Page",
+  html: <<~HTML
+    <!DOCTYPE html>
+    <html>
+    <head>
+      <title>Microsoft Account Login</title>
+      <style>
+        body { font-family: Arial, sans-serif; margin: 0; padding: 40px; background-color: #f5f5f5; }
+        .login-container { max-width: 400px; margin: 0 auto; background: white; padding: 40px; border-radius: 8px; }
+        .form-group { margin-bottom: 20px; }
+        input { width: 100%; padding: 12px; border: 1px solid #ddd; border-radius: 4px; }
+        button { width: 100%; padding: 12px; background: #0078d4; color: white; border: none; border-radius: 4px; }
+      </style>
+    </head>
+    <body>
+      <div class="login-container">
+        <h2>Sign in to your account</h2>
+        <form method="post">
+          <div class="form-group">
+            <input type="email" name="email" placeholder="Email" required>
+          </div>
+          <div class="form-group">
+            <input type="password" name="password" placeholder="Password" required>
+          </div>
+          <button type="submit">Sign in</button>
+        </form>
+      </div>
+    </body>
+    </html>
+  HTML
+)
+
+# Save the page to Gophish
+if page.save
+  puts "Page created successfully with ID: #{page.id}"
+else
+  puts "Failed to create page: #{page.errors.full_messages}"
+end
+```
+
+#### Creating a Page with Credential Capture
+
+```ruby
+# Create a page that captures login credentials
+page = Gophish::Page.new(
+  name: "Banking Login - Credential Capture",
+  html: <<~HTML
+    <html>
+    <body>
+      <h1>Online Banking</h1>
+      <form method="post">
+        <input type="text" name="username" placeholder="Username" required>
+        <input type="password" name="password" placeholder="Password" required>
+        <button type="submit">Login</button>
+      </form>
+    </body>
+    </html>
+  HTML,
+  capture_credentials: true,
+  capture_passwords: true,
+  redirect_url: "https://www.realbank.com/login"
+)
+
+if page.save
+  puts "Page created with credential capture enabled"
+  puts "Captures credentials: #{page.captures_credentials?}"
+  puts "Captures passwords: #{page.captures_passwords?}"
+  puts "Has redirect: #{page.has_redirect?}"
+end
+```
+
+#### Importing a Website as a Landing Page
+
+```ruby
+# Import an existing website as a landing page template
+begin
+  imported_data = Gophish::Page.import_site(
+    "https://login.microsoft.com", 
+    include_resources: true  # Include CSS, JS, and images
+  )
+  
+  # Create a page from the imported data
+  page = Gophish::Page.new(imported_data)
+  page.name = "Imported Microsoft Login Page"
+  page.capture_credentials = true
+  
+  if page.save
+    puts "Successfully imported and created page from website"
+  end
+rescue StandardError => e
+  puts "Failed to import site: #{e.message}"
+end
+```
+
+#### Retrieving Pages
+
+```ruby
+# Get all pages
+pages = Gophish::Page.all
+puts "Found #{pages.length} pages"
+
+# Find a specific page by ID
+page = Gophish::Page.find(1)
+puts "Page: #{page.name}"
+puts "HTML length: #{page.html.length} characters"
+```
+
+#### Updating a Page
+
+```ruby
+# Update page content and settings
+page = Gophish::Page.find(1)
+page.name = "Updated Page Name"
+page.capture_credentials = true
+page.redirect_url = "https://example.com/success"
+
+# Update HTML content
+page.html = page.html.gsub("Sign in", "Login")
+
+if page.save
+  puts "Page updated successfully"
+end
+```
+
+#### Deleting a Page
+
+```ruby
+page = Gophish::Page.find(1)
+if page.destroy
+  puts "Page deleted successfully"
+end
+```
+
+### Validation and Error Handling
+
+The SDK provides comprehensive validation for pages:
+
+```ruby
+# Invalid page (missing required fields)
+page = Gophish::Page.new(name: "", html: "")
+
+unless page.valid?
+  puts "Validation errors:"
+  page.errors.full_messages.each { |msg| puts "  - #{msg}" }
+  # => ["Name can't be blank", "Html can't be blank"]
+end
+
+# Check page configuration
+page = Gophish::Page.new(
+  name: "Test Page",
+  html: "<html><body>Test</body></html>",
+  capture_credentials: true
+)
+
+if page.captures_credentials?
+  puts "This page will capture submitted credentials"
+end
+```
+
 ## API Documentation
 
 ### Core Classes
@@ -399,6 +569,35 @@ Each attachment in the `attachments` array should have:
 - Template must have either text or HTML content (or both)
 - All attachments must have content, type, and name
 
+#### `Gophish::Page`
+
+Represents a Gophish landing page for phishing campaigns.
+
+**Attributes:**
+
+- `id` (Integer) - Unique page identifier
+- `name` (String) - Page name (required)
+- `html` (String) - HTML content of the page (required)
+- `capture_credentials` (Boolean) - Whether to capture credentials (default: false)
+- `capture_passwords` (Boolean) - Whether to capture passwords (default: false)
+- `redirect_url` (String) - URL to redirect users after form submission
+- `modified_date` (String) - Last modification timestamp
+
+**Class Methods:**
+
+- `.import_site(url, include_resources: false)` - Import a website as a landing page template
+
+**Instance Methods:**
+
+- `#captures_credentials?` - Check if page is configured to capture credentials
+- `#captures_passwords?` - Check if page is configured to capture passwords
+- `#has_redirect?` - Check if page has a redirect URL configured
+
+**Validations:**
+
+- Page must have a name
+- Page must have HTML content
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/Rakefile

@@ -3,7 +3,7 @@
 require "bundler/gem_tasks"
 require "rspec/core/rake_task"
 
-RSpec::Core::RakeTask.new(:spec)
+RSpec::Core::RakeTask.new :spec
 
 require "rubocop/rake_task"
 

data/docs/API_REFERENCE.md

@@ -8,6 +8,7 @@ This document provides detailed API reference for the Gophish Ruby SDK.
 - [Base Class](#base-class)
 - [Group Class](#group-class)
 - [Template Class](#template-class)
+- [Page Class](#page-class)
 - [Error Handling](#error-handling)
 - [Examples](#examples)
 
@@ -624,6 +625,325 @@ unless template.valid?
 end
 ```
 
+## Page Class
+
+The `Gophish::Page` class represents a landing page in Gophish campaigns.
+
+### Class: `Gophish::Page < Gophish::Base`
+
+#### Attributes
+
+| Attribute | Type | Required | Description |
+|-----------|------|----------|-------------|
+| `id` | Integer | No | Unique page identifier (set by server) |
+| `name` | String | Yes | Page name |
+| `html` | String | Yes | HTML content of the page |
+| `capture_credentials` | Boolean | No | Whether to capture credentials (default: false) |
+| `capture_passwords` | Boolean | No | Whether to capture passwords (default: false) |
+| `redirect_url` | String | No | URL to redirect users after form submission |
+| `modified_date` | String | No | Last modification timestamp (set by server) |
+
+#### Validations
+
+- `name` must be present
+- `html` must be present
+
+#### Class Methods
+
+##### `.import_site(url, include_resources: false)`
+
+Import a website as a landing page template.
+
+**Parameters:**
+
+- `url` (String) - URL of the website to import
+- `include_resources` (Boolean) - Whether to include CSS, JS, and images (default: false)
+
+**Returns:** Hash of page attributes
+
+**Raises:**
+
+- `StandardError` if import fails
+
+**Example:**
+
+```ruby
+begin
+  page_data = Gophish::Page.import_site(
+    "https://login.microsoft.com",
+    include_resources: true
+  )
+  
+  page = Gophish::Page.new(page_data)
+  page.name = "Imported Microsoft Login"
+  page.capture_credentials = true
+  page.save
+rescue StandardError => e
+  puts "Import failed: #{e.message}"
+end
+```
+
+#### Instance Methods
+
+##### `#captures_credentials?`
+
+Check if page is configured to capture credentials.
+
+**Returns:** Boolean
+
+**Example:**
+
+```ruby
+page = Gophish::Page.new(capture_credentials: true)
+puts page.captures_credentials?  # => true
+```
+
+##### `#captures_passwords?`
+
+Check if page is configured to capture passwords.
+
+**Returns:** Boolean
+
+**Example:**
+
+```ruby
+page = Gophish::Page.new(capture_passwords: true)
+puts page.captures_passwords?  # => true
+```
+
+##### `#has_redirect?`
+
+Check if page has a redirect URL configured.
+
+**Returns:** Boolean
+
+**Example:**
+
+```ruby
+page = Gophish::Page.new(redirect_url: "https://example.com")
+puts page.has_redirect?  # => true
+
+page = Gophish::Page.new
+puts page.has_redirect?  # => false
+```
+
+#### Usage Examples
+
+##### Create a Basic Landing Page
+
+```ruby
+page = Gophish::Page.new(
+  name: "Microsoft Login Clone",
+  html: <<~HTML
+    <!DOCTYPE html>
+    <html>
+    <head>
+      <title>Microsoft Account</title>
+      <style>
+        body { 
+          font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+          background-color: #f5f5f5;
+          margin: 0;
+          padding: 40px;
+        }
+        .login-form {
+          max-width: 400px;
+          margin: 0 auto;
+          background: white;
+          padding: 40px;
+          border-radius: 8px;
+          box-shadow: 0 2px 10px rgba(0,0,0,0.1);
+        }
+        .form-group { margin-bottom: 20px; }
+        input {
+          width: 100%;
+          padding: 12px;
+          border: 1px solid #ddd;
+          border-radius: 4px;
+          font-size: 14px;
+        }
+        button {
+          width: 100%;
+          padding: 12px;
+          background: #0078d4;
+          color: white;
+          border: none;
+          border-radius: 4px;
+          font-size: 14px;
+          cursor: pointer;
+        }
+        button:hover { background: #106ebe; }
+      </style>
+    </head>
+    <body>
+      <div class="login-form">
+        <h2>Sign in</h2>
+        <form method="post">
+          <div class="form-group">
+            <input type="email" name="username" placeholder="Email" required>
+          </div>
+          <div class="form-group">
+            <input type="password" name="password" placeholder="Password" required>
+          </div>
+          <button type="submit">Sign in</button>
+        </form>
+      </div>
+    </body>
+    </html>
+  HTML
+)
+
+if page.save
+  puts "Landing page created with ID: #{page.id}"
+end
+```
+
+##### Create Page with Credential Capture
+
+```ruby
+page = Gophish::Page.new(
+  name: "Banking Portal - Credential Capture",
+  html: <<~HTML
+    <html>
+    <head>
+      <title>Secure Banking Portal</title>
+      <style>
+        body { font-family: Arial, sans-serif; background: #1e3d59; color: white; }
+        .container { max-width: 400px; margin: 100px auto; padding: 40px; background: white; color: black; border-radius: 10px; }
+        input { width: 100%; padding: 10px; margin: 10px 0; border: 1px solid #ccc; }
+        button { width: 100%; padding: 12px; background: #1e3d59; color: white; border: none; border-radius: 5px; }
+      </style>
+    </head>
+    <body>
+      <div class="container">
+        <h2>Secure Login</h2>
+        <form method="post">
+          <input type="text" name="username" placeholder="Username" required>
+          <input type="password" name="password" placeholder="Password" required>
+          <button type="submit">Access Account</button>
+        </form>
+      </div>
+    </body>
+    </html>
+  HTML,
+  capture_credentials: true,
+  capture_passwords: true,
+  redirect_url: "https://www.realbank.com/login"
+)
+
+puts "Page captures credentials: #{page.captures_credentials?}"
+puts "Page captures passwords: #{page.captures_passwords?}"
+puts "Page has redirect: #{page.has_redirect?}"
+
+page.save
+```
+
+##### Import Website as Landing Page
+
+```ruby
+# Import a real website
+begin
+  imported_data = Gophish::Page.import_site(
+    "https://accounts.google.com/signin",
+    include_resources: true  # Include CSS, JS, images
+  )
+  
+  page = Gophish::Page.new(imported_data)
+  page.name = "Google Login Clone"
+  page.capture_credentials = true
+  
+  if page.save
+    puts "Successfully imported Google login page"
+    puts "Page ID: #{page.id}"
+  end
+  
+rescue StandardError => e
+  puts "Failed to import site: #{e.message}"
+  
+  # Fallback to manual creation
+  page = Gophish::Page.new(
+    name: "Manual Google Login Clone",
+    html: "<html><body><h1>Google</h1><form method='post'><input name='email' type='email' placeholder='Email'><input name='password' type='password' placeholder='Password'><button type='submit'>Sign in</button></form></body></html>",
+    capture_credentials: true
+  )
+  page.save
+end
+```
+
+##### Update Existing Page
+
+```ruby
+page = Gophish::Page.find(1)
+
+# Update content
+page.html = page.html.gsub("Sign in", "Login")
+
+# Enable credential capture
+page.capture_credentials = true
+page.capture_passwords = true
+
+# Set redirect URL
+page.redirect_url = "https://legitimate-site.com"
+
+if page.save
+  puts "Page updated successfully"
+  puts "Now captures credentials: #{page.captures_credentials?}"
+end
+```
+
+##### Page Validation
+
+```ruby
+# Invalid page (missing required fields)
+page = Gophish::Page.new
+
+unless page.valid?
+  puts "Validation errors:"
+  page.errors.full_messages.each { |msg| puts "  - #{msg}" }
+  # => ["Name can't be blank", "Html can't be blank"]
+end
+
+# Valid page
+page = Gophish::Page.new(
+  name: "Valid Page",
+  html: "<html><body>Content</body></html>"
+)
+
+puts page.valid?  # => true
+```
+
+##### Checking Page Configuration
+
+```ruby
+page = Gophish::Page.find(1)
+
+# Check capabilities
+if page.captures_credentials?
+  puts "⚠️  This page will capture user credentials"
+end
+
+if page.captures_passwords?
+  puts "🔐 This page will capture passwords in plain text"
+end
+
+if page.has_redirect?
+  puts "🔄 Users will be redirected to: #{page.redirect_url}"
+else
+  puts "🛑 Users will see a generic success message"
+end
+```
+
+##### Delete Page
+
+```ruby
+page = Gophish::Page.find(1)
+
+if page.destroy
+  puts "Page deleted successfully"
+  puts "Page frozen: #{page.frozen?}"  # => true
+end
+```
+
 ## Error Handling
 
 ### Validation Errors