Birdh0use
commented
11 months ago Having the same issue! Have you been able to resolve it?
Open fsacer opened 11 months ago
Birdh0use
commented
11 months ago Having the same issue! Have you been able to resolve it?
fsacer
commented
11 months ago The solution that currently works for me is using the developer mode and then proxying to the evilginx via frontend proxy.
kadinboyle
commented
11 months ago Second wanting this functionality back. Unsure why on earth it was removed
vc1cv1
commented
11 months ago @fsacer
The solution that currently works for me is using the developer mode and then proxying to the evilginx via frontend proxy.
Hi, do you mind going into a bit more details with the frontend proxy. I've been unable to get my proxy setups with the self signed certificates working (developer mode).
fsacer
commented
10 months ago @vc1cv1 Sorry for the late reply, but this case was a bit more complex since I had a setup like nginx->apache->evilginx. The nginx in front was a redirector to the actual server hosting the evilginx via proxy_pass (set Header for Host, X-Forwarded-Proto and X-RealIP), The apache was then configured with more vars which turned SSL verifications off (SSLProxyVerify none, SSLProxyVerify none, SSLProxyVerify none, SSLProxyCheckPeerName off, SSLProxyCheckPeerExpire off) and then passing it of to local evilginx instance. Hope this helps.
The kind of essential function for an operation that would load certificates from disk is omitted in the 3.X branch.
In version 2.4:
https://github.com/kgretzky/evilginx2/blob/e507ce1590b86c1a88afe9046e502f6d03c20fa6/core/certdb.go#L280
In version 3.1:
https://github.com/kgretzky/evilginx2/blob/a49523a9c41ac95a34b4b07c1d856e200f25ebca/core/certdb.go#L170