Пожалуйста, обратите внимание, что пользователь заблокированvei сказал(а):
evilginx2 will intercept the session and creds after otp is entered. it's free and simple to use and comes with an amazon phishlet for free
Jill100 сказал(а):
But Evilginx2 is not good for mass spamming I think its only good for targeted spamming
Пожалуйста, обратите внимание, что пользователь заблокированvei сказал(а):
wrong, it can hijack as many sessions as you want at once. read up on how reverse proxies work
Jill100 сказал(а):
When I do so I always get all ip blacklisted when trying to login even though I use blacklist unauth
Jill100 сказал(а):
When I do so I always get all ip blacklisted when trying to login even though I use blacklist unauth
Пожалуйста, обратите внимание, что пользователь заблокированvei сказал(а):
that's because you're spamming. it has nothing to do with evilginx or being detected, it's the manner you're spamming and the filters catching it via keywords, links, source/origin, speed of emails/sms', headers, ip, etc. spamhaus is mainly automated...
Jill100 сказал(а):
So this is where it get funny,when I do spamm it reflects people clicking on the link but the whole page will just be blank,can't capture user/pass/cookie
Пожалуйста, обратите внимание, что пользователь заблокированvei сказал(а):
blank for them or blank on the admin panel? that sounds like a coding issue then. if it still reads that they are visiting the url but not displaying the phish, then it's the code. probably mistyped what url to display in iframe of front phishing page.