Inconsistent behaviour

[codeitch]

Great tool indeed! I however noticed, that some of my users get signed in, but the phishing function proceeds with only the first two request, namely:

• Proxying GET: https://site.azurewebsites.net/ to: https://login.microsoftonline.com/

and

• Proxying POST: https://site.azurewebsites.net/common/GetCredentialType?mkt=it to: https://login.microsoftonline.com//common/GetCredentialType?mkt=it

Don't you know what makes it stop there, instead of proxying remaining requests (i.e. https://login.microsoftonline.com//common/login, https://login.microsoftonline.com//common/SAS/BeginAuth, https://login.microsoftonline.com//common/SAS/EndAuth,https://login.microsoftonline.com//common/SAS/ProcessAuth, etc.)

[nicolonsky]

@codeitch have you adjusted the user-agent header in the code? Depending on the registered authentication methods for the user Entra ID will upgrade the connection to websockets for capable browsers. Otherwise I couldn't repro this