ViralDragon
commented
5 years ago Well, after messing around with my domain and mapping everything, pointing it to diff locations, etc etc. I've solved the handshake issue. For anyone else who comes across this, if it says "cannot handshake client domain.com EOF Make an A record that points to your server, I'm also using a domain that has a real SSL cert as well, so that may help.
wingriddenangelxxx
I confirm (Loll) Thanks!
Henlo,
So, I don't need help making the phishlet. (well, I guess technically I do, or I wouldn't be here) What I do need help with is, is this:
[08:02:07] [+++] successfully set up SSL/TLS certificates for domains: [mydomain.com]
[08:02:16] [imp] [1] [company] new visitor has arrived: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0 (1.1.1.1) [08:02:16] [inf] [1] [company] landing URL: https://mydomain.com/LureIDHere [08:02:16] [+++] [1] detected authorization URL - tokens intercepted: /path/to/login : 2019/04/27 08:02:37 [102] WARN: Cannot handshake client mydomain.com EOF
Whenever I or another person attempt to login in, it does nothing. just says "sorry, something went wrong, click back and resend the info".
If I try using a different domain (we have tons), it'll go to the login page, it'll capture the data such as email/pass/tokens, but then still doesn't actually sign in? just keeps redirecting to the page that says something went wrong, go back.
I thought maybe because it was the domains fault. So I set up A/CNAME records for every subdomain and main domain being phished. I gave it time to propagate
I thought it was my landing path, my auth url, even the phish domains, I tried changing all of that, which just gives me no results. I'm nearly convinced it's maybe the way GO handles proxies? I looked into the documentation for both this tool and GO, and then looked up the handshake error elsewhere, and I did see other people using GO, have similar issues. So then I thought I'll write my own proxy script, or just change yours, which I did. Still does nothing.
One the first domain, where it's capturing everything, but doing nothing after hitting login, I manually added the site as an exception. The second one, I did no such thing, and it just doesn't capture or anything. Just redirects to the sorry something went wrong page.
I looked at the phishlets using 2FA bypasses, and tried to imitate those to no success.
Could you possibly point me in the right direction, of fixing the issue of "Cannot Handshake Client - EOF".
I'm currently running version 2.3.1 and my vps is running Debian
I've gone through the other some odd 200+ issues, and saw a few others had the issue, but no one actually posted a fix (that was even remotely relevant) the close I could find to my issue is this: /issues/248 - And there was no solution that helped me there.
:{}