search

kgretzky / evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
BSD 3-Clause "New" or "Revised" License
10.91k stars 1.96k forks source link

Youtube redirection #917

Open wilecurity opened 1 year ago

wilecurity commented 1 year ago

Please i ran lures-get url and anytime i try to click on the link evilginx gave me .. It does not show my phishlets page . It just take me to youtube music video immediately . Have tried everything including (Blacklist off) but still same thing BUT

Mrsagacious commented 1 year ago

hi,

are you running this locally? on linux or windows ?

check in the terminal if it has any blocked ip addresses and change to blacklist unauth.

this is a problem with both the SSL and the fake url in the address bar.

wilecurity commented 1 year ago

am running this on Linux ubuntu server . Have tries blacklist off and blacklist unauth .. But it always redirect to youtube(a particular song) .. And i have not blocked any ip address in my evilginx

wilecurity commented 1 year ago

please i dont know what to do again

Mrsagacious commented 1 year ago

blacklist off command will work but you already have your ip in the blacklist file, you need to open this file and delete it, then save the file.

after this it should all be good.

Unique7096 commented 1 year ago

Please i ran lures-get url and anytime i try to click on the link evilginx gave me .. It does not show my phishlets page . It just take me to youtube music video immediately. please let me know why this happen

Mrsagacious commented 1 year ago

Please i ran lures-get url and anytime i try to click on the link evilginx gave me .. It does not show my phishlets page . It just take me to youtube music video immediately. please let me know why this happen

its because your ip address has been added to the blacklist file, use filezilla to connect to your vps server and edit your blacklist file by removing your ip address and try again.

also change settings to blacklist unauth.

you will also want to hide your phishlet for 1 hour to send crawling bots to your blacklist first, so all the ips are blacklisted for not being humans.

and you need to delete the http header to remove the evilginx tag that lets bots know your page is a phishing page, refer to this page for the instuctions https://github.com/An0nUD4Y/Evilginx2-Phishlets

0xmani commented 6 months ago

Please i ran lures-get url and anytime i try to click on the link evilginx gave me .. It does not show my phishlets page . It just take me to youtube music video immediately. please let me know why this happen

its because your ip address has been added to the blacklist file, use filezilla to connect to your vps server and edit your blacklist file by removing your ip address and try again.

also change settings to blacklist unauth.

you will also want to hide your phishlet for 1 hour to send crawling bots to your blacklist first, so all the ips are blacklisted for not being humans.

and you need to delete the http header to remove the evilginx tag that lets bots know your page is a phishing page, refer to this page for the instuctions https://github.com/An0nUD4Y/Evilginx2-Phishlets

I tried to remove the blacklist IPs from the blacklist.txt but there are no ips present in the blacklist.txt. But I can see the blacklist IP counts through the blacklist command executed in evilnginx. How to remove the blacklist ips in this case. Any ideas?