3.5. RPC API

3.5.1. Overview

The RPC API is used by the King Phisher client to communicate with the server. It uses the RPC capabilities provided by the AdvancedHTTPServer module for the underlying communications. The RPC API provides a way for the client to retrieve and set information regarding campaigns as well as the server’s configuration. RPC requests must be authenticated and are only permitted from the loopback interface. The client is responsible for using SSH to set up a port forward for requests. See the Login Process documentation for more information.

3.5.2. RPC API Versioning

It’s important for the client and server components to have a compatible RPC version. The version each understands is described in the rpc_api_version object. This object contains both a major and minor version identifier. The major version is incremented when backwards-incompatible changes are made such as an argument or method is removed. The minor version is incremented when backwards-compatible changes are made such as when a new method is added or when a keyword argument is added whose default value maintains the original behavior.

In this way, it is possible for the server to support a newer RPC version than the client. This would be the case when the server is newer and provides more functionality than the older client requires.

Since version v1.10.0, the GraphQL API loosens the interdependency between the RPC API version and the database’s schema version. Since GraphQL allows the client to specify only the fields it requires, new fields can be added to the database without incrementing the major RPC API version. It is still important to increment the minor RPC API version so the client knows that those fields are available to be requested through the graphql endpoint. If database fields are removed, columns are renamed, columns types are changed, or columns have additional restrictions placed on them, the major RPC API version must be incremented.

3.5.3. General API

graphql(query, query_vars=None )
Handler:rpc_graphql()
login( )
Handler:rpc_login()
logout( )
Handler:rpc_logout()
ping( )
Handler:rpc_ping()
plugins/list( )
Handler:rpc_plugins_list()
shutdown( )
Handler:rpc_shutdown()
version( )
Handler:rpc_version()

3.5.4. Campaign API

campaign/alerts/is_subscribed(campaign_id )
Handler:rpc_campaign_alerts_is_subscribed()
campaign/alerts/subscribe(campaign_id )
Handler:rpc_campaign_alerts_subscribe()
campaign/alerts/unsubscribe(campaign_id )
Handler:rpc_campaign_alerts_unsubscribe()
campaign/landing_page/new(campaign_id, hostname, page )
Handler:rpc_campaign_landing_page_new()
campaign/message/new(campaign_id, email_id, email_target, company_name, first_name, last_name )
Handler:rpc_campaign_message_new()
campaign/new(name, description=None )
Handler:rpc_campaign_new()
campaign/stats(campaign_id )
Handler:rpc_campaign_stats()

3.5.5. Configuration API

config/get(option_name )
Handler:rpc_config_get()
config/set(options )
Handler:rpc_config_set()

3.5.6. Event API

events/is_subscribed(event_id, event_type )
Handler:rpc_events_is_subscribed()
events/subscribe(event_id, event_types, attributes )
Handler:rpc_events_subscribe()
events/unsubscribe(event_id, event_types, attributes )
Handler:rpc_events_unsubscribe()

3.5.7. GeoIP API

geoip/lookup(ip, lang=None )
Handler:rpc_geoip_lookup()
geoip/lookup/multi(ips, lang=None )
Handler:rpc_geoip_lookup_multi()

3.5.8. Table API

db/table/count(table_name, query_filter=None )
Handler:rpc_database_count_rows()
db/table/delete(table_name, row_id )
Handler:rpc_database_delete_row_by_id()
db/table/delete/multi(table_name, row_ids )
Handler:rpc_database_delete_rows_by_id()
db/table/get(table_name, row_id )
Handler:rpc_database_get_row_by_id()
db/table/insert(table_name, keys, values )
Handler:rpc_database_insert_row()
db/table/set(table_name, row_id, keys, values )
Handler:rpc_database_set_row_value()
db/table/view(table_name, page=0, query_filter=None )
Handler:rpc_database_view_rows()