search

kgretzky / evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
BSD 3-Clause "New" or "Revised" License
10.62k stars 1.92k forks source link

failed to load certificate files for phishlet 'linkedin', domain 'linkedin.microsets-laravast.com': open /root/.evilginx/crt/linkedin.microsets-laravast.com/linkedin.crt: no such file or directory #733

Closed MohammaDev closed 1 year ago

MohammaDev commented 2 years ago

Hi

I have double-checked everything:

1- 443, 80, and 53 ports are used by Evilginx only:

abodave@abodave-VirtualBox:~$ sudo lsof -i :443
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
evilginx 2135 root    7u  IPv6  42220      0t0  TCP *:https (LISTEN)
abodave@abodave-VirtualBox:~$ sudo lsof -i :80
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
evilginx 2135 root    9u  IPv6  41646      0t0  TCP *:http (LISTEN)
abodave@abodave-VirtualBox:~$ sudo lsof -i :53
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
evilginx 2135 root    8u  IPv6  41645      0t0  UDP *:domain 
abodave@abodave-VirtualBox:~$
2- I have a domain name: [microsets-laravast.com] from NameCheap Website 3- My domain name servers are: [ns1.digitalocean.com, ns2.digitalocean.com, ns3.digitalocean.com] on NameCheap Website: Screen Shot 2022-02-22 at 4 57 38 PM 4- I have a VPS server with IP address [165.22.222.8] from DigitalOcean Website 5- I have 7 DNS Records listed on DigitalOcean Website: Screen Shot 2022-02-22 at 4 56 25 PM And I have followed the official documentation of Evilginx and watched many tutorials But unfortunately, I still got this issue :( 
: phishlets enable linkedin
[16:48:02] [inf] enabled phishlet 'linkedin'
[16:48:02] [inf] setting up certificates for phishlet 'linkedin'...
[16:48:02] [war] failed to load certificate files for phishlet 'linkedin', domain 'linkedin.microsets-laravast.com': open /root/.evilginx/crt/linkedin.microsets-laravast.com/linkedin.crt: no such file or directory
[16:48:02] [inf] requesting SSL/TLS certificates from LetsEncrypt...
[16:48:02] [!!!] get directory at 'https://acme-v02.api.letsencrypt.org/directory': Get "https://acme-v02.api.letsencrypt.org/directory": dial tcp: lookup acme-v02.api.letsencrypt.org: Temporary failure in name resolution
[16:48:02] [inf] disabled phishlet 'linkedin'
: 
: lures create linkedin
[16:48:14] [inf] created lure with ID: 2
: lures edit 2 redirect_url https://www.google.com
[16:48:30] [inf] redirect_url = 'https://www.google.com'
: lures get-url 2

https://www.linkedin.microsets-laravast.com/jqvSkZNL

: phishlets get-hosts linkedin 

165.22.222.8 www.linkedin.microsets-laravast.com

:
When I open the produced link I got this: Screen Shot 2022-02-22 at 5 03 47 PM Pleaaaase guys, I need your help.
newworldorder45 commented 2 years ago

Are you trying to use Evilginx with LinkedIn for the first?

newworldorder45 commented 2 years ago

I am asking you this because LinkedIn deactivate accounts after the tokens have been intercepted by Evilginx.