kgretzky / evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
BSD 3-Clause "New" or "Revised" License
10.26k stars 1.87k forks

Evilginx 3.0 TLS/SSL error on self-signed certificates #905

Open Mrsagacious opened 1 year ago

Mrsagacious commented 1 year ago

Hello Kuba,

I'm contacting you in regards to your recent Evilginx 3 release, so firstly I would like to thank you for the development of the tool.

I have set up a Kali Linux environment to test the tool on localhost and have experienced the rejection of page requests due to self-signed certificate errors with the following error.

"Cannot handshake client www.linkedin.com remote error: tls: unknown certificate authority

[11:29:21] [war] blacklist: request from ip address '127.0.0.1' was blocked"

As evilginx does not have certificates registered from a certificate authority, please could you allow for third-party certificates to be used.

For my other projects on localhost, I tend to use mkcert which produces certificates registered by an authorized certificate authority and is thus allowed on all browsers without error.

If I were to convert a pem file certificate to a crt file and use it instead of the evilginx crt, will this work, or have you written code within the tool to prevent this?

I look forward to hearing from you man.

Thanks again! Dave

Mrsagacious commented 1 year ago

> You're trying to connect from a localhost. You're inside your network, connecting that way won't work

Thanks for your input.

That is exactly my point. If I am in developer mode, the tool shouldn't be trying to retrieve an SSL certificate from outside the network; the tool itself should be able to assign a cert for me to use locally.

Jill60 commented 1 year ago

Thanks for your input.

He basically covered this in his course actually. Maybe you should get his course to fix this.

BakkerJan commented 1 year ago

Check this: https://janbakker.tech/running-evilginx-3-0-on-windows/

Or even better: buy the course. It’s absolutely worth it 👌🏻

Mrsagacious commented 1 year ago

Thanks for your input.

> He basically covered this in his course actually. Maybe you should get his course to fix this.

Yet it doesn't change the fact that when users of the tool follow the online documentation given by the author, it leads to an error in retrieving the SSL cert when in developer mode.

Mrsagacious commented 1 year ago

> Check this: https://janbakker.tech/running-evilginx-3-0-on-windows/
>
> Or even better: buy the course. It’s absolutely worth it 👌🏻

Hey Jan,

I checked out your website and looked through your guide on a Windows environment setup which led to the following error: "invalid_request: The provided value for the input parameter 'redirect_uri' is not valid. The expected value is a URI which matches a redirect URI registered for this client application."

And for the Linux setup in a local environment using the -developer argument, the setup fails to retrieve the SSL cert. I think this may be a coding error on the author's behalf, as I don't believe any certs should be retrieved when operating from developer mode.

P.S. I would like to get the course, but it's a little out of my budget right now. Thanks

Jill60 commented 1 year ago

> Check this: https://janbakker.tech/running-evilginx-3-0-on-windows/
>
> Or even better: buy the course. It’s absolutely worth it 👌🏻

I would like to ask if you can show me a way that I can add a Telegram chat ID and receive logs on TG directly.

stereogazza2 commented 8 months ago

Hello everyone, I'm here to ask if there's any script or configuration to help fix the page from going red after hosting; it usually flags after 24 hours.

Mrsagacious commented 8 months ago

> Hello everyone, I'm here to ask if there's any script or configuration to help fix the page from going red after hosting; it usually flags after 24 hours.

I have managed to solve this issue. If you need further help, contact me on tele; my user is the_unknown_unknown, because I rarely log in on GitHub.

Cheers