search

kgretzky / evilginx

PLEASE USE NEW VERSION: https://github.com/kgretzky/evilginx2
MIT License
1.07k stars 260 forks source link

[emerg] directive "server_name" is not terminated by ";" #50

Closed tokyoneon closed 6 years ago

tokyoneon commented 6 years ago

Hey @kgretzky, I would like to feature Evilginx on Null Byte, I could use your help resolving this issue. I'm getting a ""server_name" is not terminated by ";"" error even though there are semicolon's at the ends of each directive. No errors when using the install.sh script.

VPS specs:

$ lsb_release -a

Distributor ID: Debian
Description:    Debian GNU/Linux 9.3 (stretch)
Release:    9.3
Codename:   stretch

$ uname -a
Linux hostname 4.9.0-5-amd64 #1 SMP Debian 4.9.65-3+deb9u2 (2018-01-04) x86_64 GNU/Linux

Using the following evilginx command:

$ ./evilginx.py setup --enable facebook -d mywebsite.com
        _ _       _            
       (_) |     (_)           
  _____   ___| | __ _ _ _ __ __  __
 / _ \ \ / / | |/ _` | | '_ \\ \/ /
|  __/\ V /| | | (_| | | | | |>  < 
 \___| \_/ |_|_|\__, |_|_| |_/_/\_\
             __/ |             
 by @mrgretzky  |___/       v.1.1.0

[*] Using domain: mywebsite.com
[*] Stopping nginx daemon...
[+] Site 'facebook' enabled.
[?] Do you want to automatically parse all logs every minute? [y/N] n
[?] Do you want to install LetsEncrypt SSL/TLS certificates now? [Y/n] y
[*] Getting SSL/TLS certificates for following domains:
 - mywebsite.com
 - www.mywebsite.com
 - m.mywebsite.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/mywebsite.com.conf)

What would you like to do?
-------------------------------------------------------------------------------
1: Keep the existing certificate for now
2: Renew & replace the cert (limit ~5 per 7 days)
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Keeping the existing certificate

-------------------------------------------------------------------------------
Certificate not yet due for renewal; no action taken.
-------------------------------------------------------------------------------
[+] Certificates obtained successfully.
[?] Do you want to auto-renew all obtained SSL/TLS certificates? [Y/n] n
[*] Starting nginx daemon...

There are no other server blocks in my nginx.conf:

http {
    include /root/evilginx/sites/facebook/*.conf;
    ....

Errors when starting nginx:

-- Unit nginx.service has begun starting up.
----  hostname nginx[6879]: nginx: [emerg] directive "server_name" is not terminated by ";" in /root/evilginx/sites/facebook/m.facebook.com.conf:7
----  hostname nginx[6879]: nginx: configuration file /etc/nginx/nginx.conf test failed
----  hostname systemd[1]: nginx.service: Control process exited, code=exited status=1
----  hostname systemd[1]: Failed to start The NGINX HTTP and reverse proxy server.
-- Subject: Unit nginx.service has failed

The evilginx/sites/m.facebook.com.conf:

server {
    listen 80;
    listen 443 ssl;

    server_name {{PHISH_HOSTNAME[1]}}; # line 7, server_name terminated by ;

    ssl_certificate {{CERT_PUBLIC_PATH}};
    ssl_certificate_key {{CERT_PRIVATE_PATH}};
    ....

If I manually replace "{{PHISH_HOSTNAME[1]}}" with "mywebsite.com", I'll instead receive a "not terminated by ;" error for the following ssl_certificate* directives. If I delete the mobile conf and try the www conf only, Nginx complains the "{{PHISH_HOSTNAME[0]}}" line wasn't terminated properly. Any idea why this might be happening?

kgretzky commented 6 years ago

Hi. After running the evilginx.py script, your generated site configs should be in /etc/nginx/sites-enabled/. Issue here is that you are trying to include in nginx.conf the templates which are used only by evilginx.py script to generate valid site configs.

Can you check if site configs were properly generated in /etc/nginx/sites-enabled/ and that they are properly being included with main nginx config?

EDIT: Btw, let me know if you ran install.sh before running the script.

minhdc commented 5 years ago

@kgretzky it seems that this issue occurs again with me. I use your old tutorial to set everything up:

https://breakdev.org/evilginx-advanced-phishing-with-two-factor-authentication-bypass/

Things went well but I cannot start nginx because of the same error as @tokyoneon The site configs were properly generated in /etc/nginx/sites-enabled anyway!