failed to obtain certificates when enable phishlets

j3ssie commented 6 years ago

Hi sir, I just want to use evilginx2 for testing purpose on local network. So I download precompile version for linux and config them follow your README(no offense but you miss the 's' for phishlet on https://github.com/kgretzky/evilginx2#getting-started).

./evilginx :config domain kali.local :config ip 192.168.125.138 :phishlets hostname outlook my.phishing.kali.local

But when I enable phishlets outlook I got the error below. :phishlets enable outlook

: phishlets enable outlook
[14:55:26] [inf] enabled phishlet 'outlook'
[14:55:26] [inf] setting up certificates for phishlet 'outlook'...
[14:55:26] [war] failed to load certificate files for phishlet 'outlook', domain 'my.phishing.kali.local': open /root/.evilginx/crt/my.phishing.kali.local/outlook.crt: no such file or directory
[14:55:26] [inf] requesting SSL/TLS certificates from LetsEncrypt...
[14:55:29] [err] [outlook.my.phishing.kali.local] acme: Error 400 - urn:acme:error:malformed - Error creating new authz :: Name does not end in a public suffix
[14:55:29] [err] [login.my.phishing.kali.local] acme: Error 400 - urn:acme:error:malformed - Error creating new authz :: Name does not end in a public suffix
[14:55:29] [err] [account.my.phishing.kali.local] acme: Error 400 - urn:acme:error:malformed - Error creating new authz :: Name does not end in a public suffix
[14:55:29] [!!!] failed to obtain certificates
[14:55:29] [inf] disabled phishlet 'outlook'

wikijm commented 6 years ago

Hi @j3ssie,

It's not an issue, but a normal response.

You are trying to get a certificate by Let's Encrypt for a private IP address, which is not possible. You have to use a public IP address, a valid public domain name that you own and the ability to redirect requests made on 80 and 443 ports from Internet to you local VM IP.

j3ssie commented 6 years ago

I just thought that we might do that in local network that we totally control. But btw thank for the answer, it's very clear.

softdream1981 commented 6 years ago

Hi, i have same issue with my domain. Any solution please?

0:18] [inf] loading phishlets from: /usr/share/evilginx/phishlets/ [00:20:18] [inf] loaded phishlet 'facebook' made by @mrgretzky from 'facebook.yaml' [00:20:18] [inf] loaded phishlet 'linkedin' made by @mrgretzky from 'linkedin.yaml' [00:20:18] [inf] loaded phishlet 'outlook' made by @mrgretzky from 'outlook.yaml' : phishlets enable facebook [00:20:26] [inf] enabled phishlet 'facebook' [00:20:26] [inf] setting up certificates for phishlet 'facebook'... [00:20:26] [war] failed to load certificate files for phishlet 'facebook', domain '.tk': open /root/.evilginx/crt/.tk/facebook.crt: no such file or directory [00:20:26] [inf] requesting SSL/TLS certificates from LetsEncrypt... [00:20:40] [err] [m..tk] acme: Error 400 - urn:acme:error:dns - DNS problem: NXDOMAIN looking up A for m..tk Error Detail: Validation for m.*****.tk:80 Resolved to:

Used:

[00:20:40] [err] [static..tk] acme: Error 400 - urn:acme:error:dns - DNS problem: NXDOMAIN looking up A for static..tk Error Detail: Validation for static.*****.tk:80 Resolved to:

Used:

[00:20:40] [!!!] failed to obtain certificates [00:20:40] [inf] disabled phishlet 'facebook'

norisharma commented 6 years ago

config domain mydomain.com [01:19:24] [inf] server domain set to: mydomain.com : config ip 42.106.9.161 [01:19:48] [inf] server IP set to: 42.106.9.161 : phishlets hostname linkedin mydomain.com [01:20:54] [inf] phishlet 'linkedin' hostname set to: mydomain.com [01:20:54] [inf] disabled phishlet 'linkedin' : phishlets enable linkedin [01:21:12] [inf] enabled phishlet 'linkedin' [01:21:12] [inf] setting up certificates for phishlet 'linkedin'... **[01:21:12] [war] failed to load certificate files for phishlet 'linkedin', domain 'mydomain.com': open /root/.evilginx/crt/mydomain.com/linkedin.crt: no such file or directory [01:21:12] [inf] requesting SSL/TLS certificates from LetsEncrypt... [01:21:27] [err] [www.mydomain.com] acme: Error 400 - urn:acme:error:connection - Fetching http://mydomain.com/.well-known/acme-challenge/3J6-TP6QsEf_oEKRpEDjL8JsyIo2c4FTYeXoidL8YSE: Timeout during connect (likely firewall problem) Error Detail: Validation for www.mydomain.com:80 Resolved to: 42.106.9.161 Used: 42.106.9.161

[01:21:27] [!!!] failed to obtain certificates**

lastman666 commented 6 years ago

Hi, I need help setting up Evilginx

maisonmargiela0 commented 5 years ago

THE SAME PROBLEM FOR MEE!!! PLEASE HELP.. I DON"T UNDERSTAND HOW "to redirect requests made on 80 and 443 ports from Internet to you local VM IP" What do you mean for public ip address?? THANK YOU FOR HELPING ME!!

Hi @j3ssie,

It's not an issue, but a normal response.

You are trying to get a certificate by Let's Encrypt for a private IP address, which is not possible. You have to use a public IP address, a valid public domain name that you own and the ability to redirect requests made on 80 and 443 ports from Internet to you local VM IP.

maisonmargiela0 commented 5 years ago

THE SAME PROBLEM FOR MEE!!! PLEASE HELP.. I DON"T UNDERSTAND HOW "to redirect requests made on 80 and 443 ports from Internet to you local VM IP" What do you mean for public ip address?? THANK YOU FOR HELPING ME!!

Hi @j3ssie, It's not an issue, but a normal response. You are trying to get a certificate by Let's Encrypt for a private IP address, which is not possible. You have to use a public IP address, a valid public domain name that you own and the ability to redirect requests made on 80 and 443 ports from Internet to you local VM IP.

I have Namecheap hosting and domain. It is good? I have to install let's encrypt certificate on it? it is only working with this certificate??

THANKS A LOT FOR HELPING ME!!!

maisonmargiela0 commented 5 years ago

Hi sir, I just want to use evilginx2 for testing purpose on local network. So I download precompile version for linux and config them follow your README(no offense but you miss the 's' for phishlet on https://github.com/kgretzky/evilginx2#getting-started).

./evilginx :config domain kali.local :config ip 192.168.125.138 :phishlets hostname outlook my.phishing.kali.local

But when I enable phishlets outlook I got the error below. :phishlets enable outlook
: phishlets enable outlook
[14:55:26] [inf] enabled phishlet 'outlook'
[14:55:26] [inf] setting up certificates for phishlet 'outlook'...
[14:55:26] [war] failed to load certificate files for phishlet 'outlook', domain 'my.phishing.kali.local': open /root/.evilginx/crt/my.phishing.kali.local/outlook.crt: no such file or directory
[14:55:26] [inf] requesting SSL/TLS certificates from LetsEncrypt...
[14:55:29] [err] [outlook.my.phishing.kali.local] acme: Error 400 - urn:acme:error:malformed - Error creating new authz :: Name does not end in a public suffix
[14:55:29] [err] [login.my.phishing.kali.local] acme: Error 400 - urn:acme:error:malformed - Error creating new authz :: Name does not end in a public suffix
[14:55:29] [err] [account.my.phishing.kali.local] acme: Error 400 - urn:acme:error:malformed - Error creating new authz :: Name does not end in a public suffix
[14:55:29] [!!!] failed to obtain certificates
[14:55:29] [inf] disabled phishlet 'outlook'

Hello!! I have the same problem. Did you solved?

Thank you for helping me!!!

zayedaljaberi commented 5 years ago

THE SAME PROBLEM FOR MEE!!! PLEASE HELP.. I DON"T UNDERSTAND HOW "to redirect requests made on 80 and 443 ports from Internet to you local VM IP" What do you mean for public ip address?? THANK YOU FOR HELPING ME!!

Hi @j3ssie, It's not an issue, but a normal response. You are trying to get a certificate by Let's Encrypt for a private IP address, which is not possible. You have to use a public IP address, a valid public domain name that you own and the ability to redirect requests made on 80 and 443 ports from Internet to you local VM IP.

You can redirect requests coming on port 80 or 443 or any from your public IP to your private using <Port Forwarding>, that can be configured in your home router.