o365 not capturing cookies pls help

kgretzky / evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

BSD 3-Clause "New" or "Revised" License

10.62k stars 1.92k forks source link

o365 not capturing cookies pls help #737

Closed williamsjoe724 closed 1 year ago

williamsjoe724 commented 2 years ago

DO NOT ASK FOR PHISHLETS.

DO NOT ASK FOR HELP CREATING PHISHLETS.

DO NOT ASK TO FIX PHISHLETS.

DO NOT ADVERTISE OR TRY TO SELL PHISHLETS.

EXPECT A BAN OTHERWISE. THANK YOU!

REPORT ONLY BUGS OR FEATURE SUGGESTIONS.

Maxim0n commented 2 years ago

The o365 phislet captures the cookies but does not store it to sessions. If you create an additional phishlet for example wordpress and use that, the sessiondata includes both the o365 token as the wordpress token in the json array.

JM-Lemmi commented 2 years ago

Did you try the fix from #676?