Comments (7)
I amended open PR #59 to address this.
from evilginx2.
As mentioned in #57 this is intented behavior.
domain
in the phishlet should be the same as the original domain of the phished website and it does not reflect its presence in the phishing hostname.
from evilginx2.
Ok thanks for the explanation. Could you give me an example of a sub_filter that targets ssl.xyz.phishdomain.com which is being proxied as ssl2.abc.phishdomain.com according to your example in #57?
from evilginx2.
You can proxy ssl.xyz.com
as ssl2.phishdomain.com
with this:
- {phish_sub: 'ssl2', orig_sub: 'ssl', domain: 'xyz.com', session: false, is_landing: false}
Depends later how you set up the hostname
for the phishlet.
from evilginx2.
Yes, I got that from your example in the other issue. I'm asking about sub_filter
specifically.
Would it just be?:
sub_filters:
- {hostname: 'oath.abc.com', sub: 'ssl', domain: 'xyz.com', search: '{hostname}', replace: '{hostname}, mimes: ['...']}
And evilginx just knows the difference?
{hostname}
in
search: ssl.xyz.com
replace: ssl2.abc.com
from evilginx2.
Yes, Evilginx will know the difference with {hostname}
to look for ssl.xyz.com
in HTML body and replace it with ssl2.phishdomain.com
. It will then search and replace only on sites with domain oath.abc.com
.
from evilginx2.
Right on, thanks. I'll go ahead and close. I'm lucky in this aspect since the ssl.xyz.com
traffic happens in the background with JavaScript and not in the URL bar.
from evilginx2.
Related Issues (20)
- Cant reach domain HOT 1
- failed to set up TLS certificates HOT 11
- Office login constantly detected on chrome HOT 1
- How to Configure Evilginx to Accept All Requests Without Redirecting Unauthorized Ones? HOT 2
- Error for Site Owner: Invalid Domain for Site Key
- Regexp separated by ':' or by ',' ??
- Roblox HOT 1
- Not capturing username or password or cookies HOT 2
- [+++] [0] detected authorization URL - tokens intercepted: /mail/0/sw.js HOT 3
- Gmail phishlet not redirect authorize url HOT 9
- Phishlet auto signing in targets and not capturing anything HOT 2
- The request body must contain the following parameter: 'client_id'.
- The Browser or App may not be secured . I got this error in google phishlet, i think google again updated their policy ,any updates related to this issue? HOT 3
- Save Sessions with correct Username and Password Even Without 2FA Approval
- index out of range crash
- Google phishlets work perfectly fine. HOT 3
- config.json file empty after reboot
- Multi-Value Token Response JSON HOT 1
- Cant get tls certificate??
- JS Graphic problem request
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from evilginx2.