Not able to spoof 2fa ip location, facebook. Device based 2fa location retrieves evilginx host ip location instead of actual client ip

[ghost-hub1]

Hello guys,

Is there anyone that can help as to how to modify the http_proxy.go file in evilginx core cos when facebook sends 2fa auth to the device, it shows the location of the server hosting evilginx instead of retrieving the actual client's ip address but ua is good, issue is with the ip address somehow and after inspecting facebook network over and over, they dont use headers for ip address otherwise, this would have been very easy...

Please 🙏 anyone with help??? every other thing works so far just that when it is time to approve 2fa and you see another location?? that is definitely a problem.

[An0nUD4Y]

You can check the original request which triggering the 2fa, this request may have some parameters or may be you can play around with headers to spoof the ip address.