View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0004000||Kali Linux||[All Projects] New Tool Requests||public||2017-05-08 19:29||2019-04-13 01:30|
|Priority||normal||Severity||minor||Reproducibility||have not tried|
|Target Version||Fixed in Version|
|Summary||0004000: Evilginx v1.1.0 - Advanced Phishing with Two-factor Authentication Bypass|
License: MIT (https://github.com/kgretzky/evilginx/blob/master/LICENSE)
Author: Kuba Gretzky (@mrgretzky)
Dependencies: ...A lot ~ https://github.com/kgretzky/evilginx/blob/master/install.sh
Age: March 2017 - Current
Similar tools: SET (Social-Engineer Toolkit) / wifiphisher / Ghost Phisher
Description: Evilginx - Advanced Phishing with Two-factor Authentication Bypass
Man-in-the-middle attack framework used for phishing credentials and session cookies of any web service.
Evilginx is a man-in-the-middle attack framework used for phishing credentials and session cookies of any web service. It's core runs on Nginx HTTP server, which utilizes proxy_pass and sub_filter to proxy and modify HTTP content, while intercepting traffic between client and server.
|Additional Information||Web page: https://breakdev.org/evilginx-advanced-phishing-with-two-factor-authentication-bypass/|
it requires openresty: https://openresty.org/en/
But openresty is based on nginx and both programs not co-installable.
nginx is required in Kali for the package set in kali-linux-all and kali-linux-full
This was requested a long time ago but nothing happened. A review is in order. Is this something that we still want in Kali?
If yes, please reassign the ticket to sbrun and move it to the "Queued Tool Addtion" category.
BTW, version v.1.X.X is obsolete. New version is Evilginx 2 : https://github.com/kgretzky/evilginx2
Present version is fully written in GO as a standalone application, which implements its own HTTP and DNS server, making it extremely easy to set up and use.
|2017-05-08 19:29||g0tmi1k||New Issue|
|2017-07-18 13:33||g0tmi1k||Summary||Evilginx - Advanced Phishing with Two-factor Authentication Bypass => Add Evilginx v1.1.0 - Advanced Phishing with Two-factor Authentication Bypass|
|2017-07-18 13:33||g0tmi1k||Description Updated||View Revisions|
|2017-07-18 14:01||g0tmi1k||Relationship added||related to 0002983|
|2017-11-21 14:34||g0tmi1k||Description Updated||View Revisions|
|2018-01-29 10:22||g0tmi1k||Summary||Add Evilginx v1.1.0 - Advanced Phishing with Two-factor Authentication Bypass => Evilginx v1.1.0 - Advanced Phishing with Two-factor Authentication Bypass|
|2018-01-29 17:44||g0tmi1k||Assigned To||=> sbrun|
|2018-01-29 17:44||g0tmi1k||Status||new => assigned|
|2018-06-19 08:19||sbrun||Note Added: 0009281|
|2019-04-11 16:42||rhertzog||Assigned To||sbrun =>|
|2019-04-11 16:42||rhertzog||Status||assigned => new|
|2019-04-11 16:42||rhertzog||Note Added: 0010498|
|2019-04-13 01:30||Dober||Note Added: 0010503|