kgretzky / evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
BSD 3-Clause "New" or "Revised" License
10.54k stars 1.91k forks

O365 phishlet was not capturing authentication tokens. #760

Open beardingwithbryan opened 2 years ago

beardingwithbryan commented 2 years ago

O365 phishlet wasn't capturing authentication tokens. By making a quick change in the auth_tokens section, it captures authentication tokens now.

ghost commented 2 years ago

iirc it may capture them but the tokens are useless without the correct cookie flags

beardingwithbryan commented 2 years ago

I was testing the o365 phishlet and it would capture just the username and password. Wouldn't work if the account had 2FA. This is a quick change and now it captures all auth tokens. I could use the Sessions to get the cookies and authenticate and everything even if the account had 2FA enabled.

greatbelieverw commented 1 year ago

I just tried to use o365 phishlets, it won't capture token, pls help

greatbelieverw commented 1 year ago

I tried updating and it worked fine. If you want to see, send a message to my Telegram: @regrexs

HEY you took my money and stopped responding to my messages on Telegram.

greenwoodid commented 1 year ago

O365 phishlet wasn't capturing authentication tokens. By making a quick change in the auth_tokens section, it captures authentication tokens now.

Find me if you need custom phishlets on Telegram: https://t.me/altophish