• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

War Room

Shells from above

RSM logo

  • Home
  • About
  • Blog
  • Talks/Whitepapers
  • Tools
  • Recreation
Home > R&D > Development > King Phisher Release 1.9

King Phisher Release 1.9

November 22, 2017 By Erik

Today RSM is proud to announce the latest release of our open source Phishing tool King Phisher. This release brings many new features that we hope offer users a much more pleasant experience and facilitate tapping into some of the more customizable potential of King Phisher.

The biggest upgrade with King Phisher version 1.9 is that the client’s plugin manager got a huge overhaul. With this upgrade you can now install and enable plugins directly from RSM’s Official plugins GitHub repository.  The plugin manager will now download a catalog of available plugins so you can look through all available plugins, read their descriptions and see if their requirements are met. Compatible plugins are then able to be installed by simply clicking a checkbox. This makes installing and managing plugin extremely easy for the end user!

Christain Belk (cbelk) updated install.sh script so King Phisher now supports Arch Linux. This increases the number operating systems supported by King Phisher. We would like to thank Christian Belk (cbelk) for the contribution to the project.

Please note King Phisher will no longer, by default, strip meta data off of Microsoft office 2007+ documents, spreadsheets, pdfs ect. You will now need to install the Office 2007+ Document Metadata Remover plugin and enable it. Once enabled, if you attach files such as docx, and xlsx files to the phishing email, King Phisher will automatically remove the metadata from the file prior to sending out the email.

King Phisher version 1.9  includes the following changes:

  • Support resetting plugins options to their respective defaults
  • Moved Office 2007+ metadata removal to a new plugin
  • Added support for installing plugins from remote sources through the UI
  • Added timeout support for SPF DNS queries
  • Support for installing on Arch Linux
    • Upgrade AdvancedHTTPServer to v2.0.11 to support async SSL handshakes
    • Support using an include directive in the server configuration file
    • Added a request-handle signal for custom HTTP request handlers
    • Removed address support from the server config in favor of addresses
    • Support login as an alias of the username parameter for credentials
    • Multiple server improvements

King Phisher version 1.9.0 can be found under the releases page here: https://github.com/securestate/king-phisher/releases/tag/v1.9.0. Happy Phishing!

Interested in having a private King Phisher server instance hosted for your organization? Check out RSM’s Phishing Self Service for details.

 

Share this...
  • Reddit
  • Email
  • Facebook
  • Twitter
  • Linkedin

Erik

Primary Sidebar

Categories

  • Defense
  • Forensics
  • Offense
  • Physical
  • R&D

Most Viewed Posts

  • DLL Injection Part 1: SetWindowsHookEx 10.8k views
  • Sophos UTM Home Edition – 3 – The Setup 10.8k views
  • Leveraging MS16-032 with PowerShell Empire 10k views
  • Bypassing Gmail’s Malicious Macro Signatures 9.8k views
  • How to Bypass SEP with Admin Access 8.9k views

Footer

  • RSS
  • Twitter
  • Tools
  • About
  • RSM US LLP

+1 800 903 6264

1 S Wacker Dr Suite 800
Chicago, IL 60606

Copyright © 2023 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.