Empty sso window - Githubissues

waelmas / frameless-bitb

A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and the use with Evilginx.

BSD 3-Clause "New" or "Revised" License

321 stars 35 forks source link

Empty sso window #8

Closed Devil666face closed 4 months ago

Devil666face commented 4 months ago

After entering your email, an automatic redirect to sso.domain.com occurs with an empty password window. I cleared my cookies and use a private window. From this: 2024-03-09_10-46 Just redirect to: 2024-03-09_10-47 With empty window 2024-03-09_10-48

waelmas commented 4 months ago

Hey there,

The reason you are seeing this is because you are using a gmail address which requires a very different setup even without the BITB addition this repo brings to the picture. The setup this repo explains and builds on top of is designed for Microsoft Enterprise accounts specifically.

Even with Evilginx alone, as far as I know Google is the most challenging to get a working phishlet for as it adds many security layers to protect against MiTM phishing.