View Issue Details

IDProjectCategoryView StatusLast Update
0004000Kali Linux[All Projects] Queued Tool Additionpublic2019-10-28 16:01
Reporterg0tmi1k Assigned To 
PrioritynormalSeverityfeatureReproducibilityhave not tried
Status assignedResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0004000: Evilginx v1.1.0 - Advanced Phishing with Two-factor Authentication Bypass
DescriptionName: evilginx
Version: v1.1.0
Homepage: https://github.com/kgretzky/evilginx
Download: https://github.com/kgretzky/evilginx/archive/1.1.0.tar.gz
License: MIT (https://github.com/kgretzky/evilginx/blob/master/LICENSE)
Author: Kuba Gretzky (@mrgretzky)
Dependencies: ...A lot ~ https://github.com/kgretzky/evilginx/blob/master/install.sh
Age: March 2017 - Current
Similar tools: SET (Social-Engineer Toolkit) / wifiphisher / Ghost Phisher
Description: Evilginx - Advanced Phishing with Two-factor Authentication Bypass

Man-in-the-middle attack framework used for phishing credentials and session cookies of any web service.

Evilginx is a man-in-the-middle attack framework used for phishing credentials and session cookies of any web service. It's core runs on Nginx HTTP server, which utilizes proxy_pass and sub_filter to proxy and modify HTTP content, while intercepting traffic between client and server.
Additional InformationWeb page: https://breakdev.org/evilginx-advanced-phishing-with-two-factor-authentication-bypass/

Relationships

related to 0002983 closed phishing-frenzy 

Activities

sbrun

2018-06-19 08:19

manager   ~0009281

it requires openresty: https://openresty.org/en/
But openresty is based on nginx and both programs not co-installable.

nginx is required in Kali for the package set in kali-linux-all and kali-linux-full

rhertzog

2019-04-11 16:42

administrator   ~0010498

This was requested a long time ago but nothing happened. A review is in order. Is this something that we still want in Kali?

If yes, please reassign the ticket to sbrun and move it to the "Queued Tool Addtion" category.

Dober

2019-04-13 01:30

reporter   ~0010503

BTW, version v.1.X.X is obsolete. New version is Evilginx 2 : https://github.com/kgretzky/evilginx2
Present version is fully written in GO as a standalone application, which implements its own HTTP and DNS server, making it extremely easy to set up and use.

g0tmi1k

2019-10-28 13:35

administrator   ~0011241

Please could this be packaged

Issue History

Date Modified Username Field Change
2017-05-08 19:29 g0tmi1k New Issue
2017-07-18 13:33 g0tmi1k Summary Evilginx - Advanced Phishing with Two-factor Authentication Bypass => Add Evilginx v1.1.0 - Advanced Phishing with Two-factor Authentication Bypass
2017-07-18 13:33 g0tmi1k Description Updated View Revisions
2017-07-18 14:01 g0tmi1k Relationship added related to 0002983
2017-11-21 14:34 g0tmi1k Description Updated View Revisions
2018-01-29 10:22 g0tmi1k Summary Add Evilginx v1.1.0 - Advanced Phishing with Two-factor Authentication Bypass => Evilginx v1.1.0 - Advanced Phishing with Two-factor Authentication Bypass
2018-01-29 17:44 g0tmi1k Assigned To => sbrun
2018-01-29 17:44 g0tmi1k Status new => assigned
2018-06-19 08:19 sbrun Note Added: 0009281
2019-04-11 16:42 rhertzog Assigned To sbrun =>
2019-04-11 16:42 rhertzog Status assigned => new
2019-04-11 16:42 rhertzog Note Added: 0010498
2019-04-13 01:30 Dober Note Added: 0010503
2019-10-28 13:35 g0tmi1k Note Added: 0011241
2019-10-28 13:35 g0tmi1k Category New Tool Requests => Queued Tool Addition
2019-10-28 16:01 g0tmi1k Severity minor => feature
2019-10-28 16:01 g0tmi1k Status new => assigned