Fix for extraFields

t94j0 · May 9, 2024 · 568b83f · 568b83f
1 parent 9475dc2
commit 568b83f
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -78,6 +78,8 @@ ghostwriter:
   oplog_id: 1
   # (Optional) Disable email, username, and credentials from being sent to ghostwriter
   disable_credentials: true
+  # Ignore SSL Self Signed error
+  ignore_self_signed_certificate: true
 
 # You can also supply an email template for each notification
 email_submitted_credentials_template: |

diff --git a/config.go b/config.go
@@ -22,8 +22,8 @@ Email Address - {{ .Email }}
 IP Address - {{ .Address }}
 User Agent - {{ .UserAgent }}`
 
-var defaultgraphqlTemplate = `mutation InsertGophishLog ($oplog: bigint!, $sourceIp: String, $tool: String,	$userContext: String, $description: String, $output: String, $comments: String) {
-	insert_oplogEntry(objects: {oplog: $oplog, sourceIp: $sourceIp, tool: $tool, userContext: $userContext, description: $description, comments: $comments, output: $output}) {
+var defaultgraphqlTemplate = `mutation InsertGophishLog ($oplog: bigint!, $sourceIp: String, $tool: String,	$userContext: String, $description: String, $output: String, $comments: String, $extraFields: jsonb!) {
+	insert_oplogEntry(objects: {oplog: $oplog, sourceIp: $sourceIp, tool: $tool, userContext: $userContext, description: $description, comments: $comments, output: $output, extraFields: $extraFields}) {
 	  returning {
 		id
 	  }

diff --git a/sending_helpers.go b/sending_helpers.go
@@ -2,7 +2,9 @@ package main
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
+	"net/http"
 	"net/smtp"
 
 	"github.com/ashwanthkumar/slack-go-webhook"
@@ -58,20 +60,32 @@ func sendEmail(subject, body string) error {
 
 func sendGraphql(data ghostwriterOplogEntry) error {
 	url := viper.GetString("ghostwriter.graphql_endpoint")
-	api_key := viper.GetString("ghostwriter.api_key")
+	apiKey := viper.GetString("ghostwriter.api_key")
+	ignoreSelfSigned := viper.GetBool("ghostwriter.ignore_self_signed_certificate")
 	query := viper.GetString("graphql_default_query")
-	oplog_id := viper.GetInt("ghostwriter.oplog_id")
-	client := graphql.NewClient(url)
+	oplogId := viper.GetInt("ghostwriter.oplog_id")
+
+	var client *graphql.Client
+	if ignoreSelfSigned {
+		tr := &http.Transport{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+		}
+		httpClient := &http.Client{Transport: tr}
+		client = graphql.NewClient(url, graphql.WithHTTPClient(httpClient))
+	} else {
+		client = graphql.NewClient(url)
+	}
 
 	req := graphql.NewRequest(query)
-	req.Header.Set("Authorization", "Bearer "+api_key)
-	req.Var("oplog", oplog_id)
+	req.Header.Set("Authorization", "Bearer "+apiKey)
+	req.Var("oplog", oplogId)
 	req.Var("sourceIp", data.SourceIp)
 	req.Var("tool", "gophish")
 	req.Var("userContext", data.UserContext)
 	req.Var("description", data.Description)
 	req.Var("output", data.Output)
 	req.Var("comments", data.Comments)
+	req.Var("extraFields", "")
 
 	ctx := context.Background()
 	var respData map[string]interface{}