Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
I ran into an issue where MFA is being performed but using multi level subdomain. For e.g. sub1.sub2.example.tld
In this case, evilginx the DNS works fine, however, i get an error message in the debug mode that hostname unsupported: sub1.sub2.example.tld
DNS can handle as I point all cnames to an alias which points to Evilginx however, it appears that Evilginx is unable to handle multi-level subdomains.
I ran into an issue where MFA is being performed but using multi level subdomain. For e.g. sub1.sub2.example.tld
In this case, evilginx the DNS works fine, however, i get an error message in the debug mode that hostname unsupported: sub1.sub2.example.tld
DNS can handle as I point all cnames to an alias which points to Evilginx however, it appears that Evilginx is unable to handle multi-level subdomains.
Patch for this would be great.