Can't Capture tokens from GET request headers

kgretzky / evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

BSD 3-Clause "New" or "Revised" License

10.74k stars 1.94k forks source link

Can't Capture tokens from GET request headers #1106

Open stackerofwheat opened 1 month ago

stackerofwheat commented 1 month ago

Trying to capture cookies from header value of GET request for path 'users/sign_in' set using 'Cookie' header. However evilginx just captures the value of the first 'Cookie' header it comes across ignoring the path completely. I don't see these cookies set anywhere using 'Set-Cookies' header so if can't get to work will have to capture searching body of http response.

auth_tokens:

domain: 'site.com' path: '/users/sign_in' name: 'Cookies' header: 'Cookie' type: 'http'

chloemahachek commented 1 month ago

telegram ? :)))

itsdayztar1 commented 4 weeks ago

telegram itsdayztar

stackerofwheat commented 4 weeks ago

telegram ? :)))

thanks bros i'm good