Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Would it be possible to use placeholders in the redirect url?
That way you can forward the user to the actual login screen and maybe provide a login hint so it won't be prompted to re-enter his username.
Would it be possible to use placeholders in the redirect url? That way you can forward the user to the actual login screen and maybe provide a login hint so it won't be prompted to re-enter his username.
Something like redirct_url https://actualdomain.com/auth?login_hint={entered_username}