-
Notifications
You must be signed in to change notification settings - Fork 537
Database
The King Phisher server requires a database connection for storing data related
to campaigns that are running. Currently the only two backends that are
currently supported are SQLite and PostgreSQL. After configuring the database,
the connection string needs to be set in the server's configuration file under
server/database. When King Phisher starts for the first time it will create
all necessary tables automatically.
PostgreSQL is the preferred database backend of King Phisher. The database needs to be configured before the server starts. It is also highly recommended that a dedicated database user for King Phisher be created that only has access to the database used. These steps are generally handled by the installation script which will create both a user and database for King Phisher.
First find the pg_hba.conf file and add the following line:
host king_phisher king_phisher 127.0.0.1/32 md5
Then create the PostgreSQL user:
postgres@localhost:$ createuser king_phisher -P
Enter password for new role: yournewpassword
Enter it again: yournewpassword
And finally create the database with the new owner:
postgres@localhost:$ createdb --owner=king_phisher king_phisher
The database service may need to be restarted and the server configuration file
will need to be updated with the database connection string. The syntax for the
PostgreSQL connection string in the configuration is
postgresql://username:password@localhost/database_name.
NOTICE: If the King Phisher server is configured to use a service file to automatically start on boot, then the PostgreSQL service will also need to be configured to start on boot. The King Phisher server will attempt to start the PostgreSQL service if it can not connect to it, however if both the connection and service start attempts fail, the King Phisher server will not start.
Backing up the PostgreSQL database should be done periodically as needed. The PostgreSQL site contains the steps on how this can be accomplished in the documentation.
To summarize, a complete backup of the "king_phisher" database can be created by running:
# su postgres -l -c "pg_dump -Fc king_phisher | gzip > king-phisher-database.pgsql.gz"
To reset the password for a PostgreSQL user, use an ALTER USER query from the
SQL console. See the ALTER USER SQL command documentation for more
information.
postgres@localhost:$ psql
psql (9.6.8)
Type "help" for help.
postgres=# ALTER USER king_phisher WITH PASSWORD 'NEWPASSWORD';
ALTER ROLE
Starting in version 0.1.6 SQLite is only supported in a limited capacity. SQLite is fully supported for all King Phisher functions, with the exceptions of automatic database upgrades. If SQLite is being used, then when a new database schema is released for King Phisher, the old database will be incompatible. Users will be left with the only option of deleting the old SQLite database file in order to use the newest versions. Because of this, it is highly recommended that users who desire to maintain campaign data over long periods of time use a more full featured DBMS such as PostgreSQL.
The limitations of automatic database migration for SQLite is due to the lack of
functionality surrounding the SQL ALTER TABLE command. More details regarding
this limitation can be found on the SQLite website.