Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
I have just set up a VPS on njal.la, as well as rented a domain there:
There is not much to see on the pictures, it's just to get an idea what I set up so far.
ns1.mydomain.com
ns2.mydomain.com
..and then glued these nameservers to the public IP of the VPS. Same settings applied within evilginx.
The problem now is that I get a 'hostname unsupported' error:
When I try to open the phishing page, I get 'the page cannot be reached'.
Any hints on that?
Thanks a lot!
PS: I am a cyber security student and using evilginx solely for testing purposes
EDIT:
Ok, I can now somehow access the hosted website. Or at least, I am getting redirected. Problem now is, that I am ALWAYS getting redirected to the redirect URL. Never being able to see the actual phishing site.
To solve the first problem mentioned above (initially), I had to enter "www" as well in the phishing address.
Hello
I have just set up a VPS on njal.la, as well as rented a domain there:
There is not much to see on the pictures, it's just to get an idea what I set up so far.
ns1.mydomain.com ns2.mydomain.com
..and then glued these nameservers to the public IP of the VPS. Same settings applied within evilginx.
The problem now is that I get a 'hostname unsupported' error:
When I try to open the phishing page, I get 'the page cannot be reached'.
Any hints on that?
Thanks a lot!
PS: I am a cyber security student and using evilginx solely for testing purposes
EDIT:
Ok, I can now somehow access the hosted website. Or at least, I am getting redirected. Problem now is, that I am ALWAYS getting redirected to the redirect URL. Never being able to see the actual phishing site. To solve the first problem mentioned above (initially), I had to enter "www" as well in the phishing address.
EDIT 2:
Just read and follow the manual closely...:)