This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!
keep domain inactive and only activate during short bursts of spamming. if they are going to visit/click your url, they would have done so within the first hour of it being spammed/sent out. beyond that, it is just researchers.
when visiting url, do not have it redirect. have it be a simple...
that's because you're spamming. it has nothing to do with evilginx or being detected, it's the manner you're spamming and the filters catching it via keywords, links, source/origin, speed of emails/sms', headers, ip, etc. spamhaus is mainly automated...
and evilginx isn't a scam lmao.
it's a reverse proxy which essentially mirrors the website so that when someone logs into it from your URL, it'll redirect them back to the login page after hijacking the session/cookies which allows you to take it over (bypassing 2fa as the live session is on...
you can't. you can't steal a cookie by simply sending a 1-click phishing email, you'd have to phish for the actual live-2fa code (like a uadmin phishlet) or hijack the session after they are fully logged into a reverse proxy like the post above about evilginx2.
your best chance is to social...
all you have to do is pass the server's request_uri using the script that is already provided by the panel (gate.php which is just an include call for ../../token/gate.php).
then create a json object (use another phishlet's operations.json to model yours after) of each landing page/name...
it's not client-side, so there's nothing you can do unless you control the network or computer viewing the cross-origin website.
Последнее редактирование: 23.09.2022
you can't without setting up a reverse proxy. the cross origin resource sharing policy prevents you from framing websites that do not want to be iframed due to the risk of phishing, etc
like he mentioned, don't redirect. create session tokens and store them in a db, then redirect customers with the GET token in the URL (eg, domain.com/?sess=TOKEN_HERE), and have it expire the entire token after a few hours and also start banning IPs after a few minutes of their initial visit to...
you don't need to modify those. at all.
the data is sent over PHP using $_SERVER['REQUEST_URI'], the js is just meant to help track their progress live while telling the panel what page is next and what variable data is on each page so you can send specific ones to them without reloading the...