kgretzky / evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
BSD 3-Clause "New" or "Revised" License

O365 ADFS configuration fails to grab token #809

Closed iamstubar closed 1 year ago

iamstubar commented 2 years ago

Hi all! I've gotten the tool up and working with most of my tests, except ADFS. It redirects me to the correct domain, I put in my creds, it redirects me to an authenticated session at office.com, as expected. The issue is that the token is not grabbed. Maybe I'm inputting my o365 ADFS details incorrectly.

With the o365.yaml file:

insert-adfs-subdomain = adfs

insert-adfs-host = myphishingdomain.com

insert_adfs-subdomain-and-host = adfs.myphishingdomain.com

Is it asking for myphishingdomain.com or is this asking for the legitimate adfs domain? I've done both and when I use the legitimate adfs domain, I get an SSL host mismatch because it seems adfs.legitdomain.com isn't being added to the letsencrypt cert it creates. Any help is appreciated.

Thanks.

dapslegend commented 1 year ago

@Mrgretzky is scam!!!

Can you post a working phishlet?

Support-1535 commented 1 year ago

Hello! If you were already able to resolve your doubts and achieve your goals, close the issue so that we know which ones are pending.

Thank you!