search

kgretzky / evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
BSD 3-Clause "New" or "Revised" License
10.22k stars 1.87k forks source link

[Feature suggestion] Would it be interesting to add a optional key field ? #1039

Open Lolozendev opened 2 months ago

Lolozendev commented 2 months ago

Wouldn't it be interesting to add a 'OR' type of search instead of 'AND' (optional key fields) , for example let's say my credentials fields looks like this in my phislet:

credentials:
  username:
    key: 'login'
    search: '(.*)'
    type: 'post'
  password:
    key: 'password'
    search: '(.*)'
    type: 'post'

but sometime my user has a 2fa or a pin I wanna capture and that depends if he has enabled the 2fa/pin feature. maybe it could be interesting to add some keys/field that can be optionality present and captured if they exist

credentials:
  username:
    key: 'login'
    search: '(.*)'
    type: 'post'
  password:
    key: 'password'
    search: '(.*)'
    type: 'post'
  custom:
    - key: 'otp' #present only if the user as the 2fa enabled
      search: '(.*)'
      type: 'post'
      optional: True # specify that on request this argument maybe not exist and captures it only if it does

credentials wouldn't be the only field that would benefits from this feature.

matejsmycka commented 2 months ago

There is custom optional header, see https://help.evilginx.com/docs/phishlet-format#credentials. I used it both user with TOTP and no MFA.

Lolozendev commented 2 months ago

Maybe I didn't understand correctly but I thought if I add a custom header it would be a mandatory header, not an optional one.

matejsmycka commented 2 months ago

No, it is not mandatory.