kgretzky / evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
BSD 3-Clause "New" or "Revised" License
10.85k stars 1.95k forks source link

auth token [session_token] is created after login is captured #723

Closed jinjo0 closed 1 year ago

jinjo0 commented 2 years ago

DO NOT ASK FOR PHISHLETS.

DO NOT ASK FOR HELP CREATING PHISHLETS.

DO NOT ASK TO FIX PHISHLETS.

DO NOT ADVERTISE OR TRY TO SELL PHISHLETS.

EXPECT A BAN OTHERWISE. THANK YOU!

REPORT ONLY BUGS OR FEATURE SUGGESTIONS.

i'm having problem auth_token is not captured because the session_token is created after login in the same domain [xyz.com]