A question for those with some experience of Evilginx2 2.4 (https://github.com/kgretzky/evilginx2).
I own the URL test.domain.com. I have setup EG on my VPS with a Yahoo template.
I create a 'lure'. I test this with https://www.test.domain.com/abCdEfG which loads the pre-phishing template.
The purpose of this template is so that scanners will not detect the actual login page since you need to click on the pre-phishing template to get to the actual proxied login page.
However, if I omit the lure aspect and go to https://www.test.domain.com/ then the Yahoo login page is loaded. The pre-phishing template is bypassed.
I have tried two things to resolve this. First I used 'config redirect_url https://www.google.com' which I thought would redirect anything that's not to the specific 'lure' URL to the 'redirect_url'. However, it doesn't.
Then I used 'blacklist unauth' to "automatically blacklist IPs of unauthorized requests. This includes all requests, which did not point to a valid URL specified by any of the created lures" (according to the instructions). This doesn't seem to achieve anything.
Does anyone know how to prevent the base URL (https://www.test.domain.com) loading the login page for Yahoo. I don't care if the base URL redirects viewers to the 'redirect_url' or is just blocked.
Many thanks.
[link] [comments]
from hacking: security in practice https://ift.tt/3xJE3tb
Comments
Post a Comment