[PR #1202] support for HTTPS -> HTTP, HTTP -> HTTP, new phishlet property (http_mode) #197

New issue

Open

opened 2026-02-26 02:31:34 +03:00 by kerem · 0 comments

kerem commented 2026-02-26 02:31:34 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/kgretzky/evilginx2/pull/1202
Author: @jfmaes
Created: 1/31/2026
Status: 🔄 Open

Base: master ← Head: master

---

📝 Commits (7)

• 5237344 added HTTP support for security awareness campaigns
• 11e48fd updated .gitignore to exclude compiled binary
• b89f613 improved HTTP support documentation and lure URL generation
• 3ae072a Merge pull request #1 from jfmaes/claude/add-http-support-7ERxo
• 9006cdb http phishing!
• 7a3680f more fixes to HTTP
• 60b3b78 no more claude.

📊 Changes

8 files changed (+442 additions, -23 deletions)

View changed files

📝 .gitignore (+4 -0)
📝 core/config.go (+128 -0)
📝 core/http_proxy.go (+86 -7)
📝 core/phishlet.go (+61 -5)
📝 core/terminal.go (+57 -10)
📝 main.go (+1 -1)
➕ phishlets/example-http.yaml (+95 -0)
📝 phishlets/example.yaml (+10 -0)

📄 Description

Hey Mate

I had to use evilginx for a HTTP target. had to patch and figured I'd share.

Add HTTP Support for Security Awareness Campaigns

Summary
This PR adds comprehensive HTTP support to evilginx2, enabling security awareness campaigns and internal testing scenarios where TLS certificates are not required or available. This feature allows the phishing server to operate over plain HTTP and proxy to HTTP backend servers.

Changes

New Features

1. HTTP Phishing Server (http_mode)

Phishing server can now listen on plain HTTP (no TLS required)
Configurable via phishlet YAML: http_mode: true
Configurable via CLI: phishlets http_mode on|off
HTTP port configurable: config http_port (default: 80)
Automatically applies when phishlet is enabled if set in YAML

2. HTTP Origin Targets (orig_scheme)
   Proxy can connect to origin servers over HTTP instead of HTTPS
   Set per proxy_host in phishlet YAML: orig_scheme: 'http'
   Correctly routes requests to port 80 for HTTP origins

3. New Example Phishlet
   Added phishlets/example-http.yaml demonstrating HTTP support
   Includes comprehensive documentation and usage examples

Usage Examples

Scenario A: HTTP → HTTP (internal awareness campaign)

phishlets hostname example-http phish.internal.lan

phishlets enable example-http

lures create example-http

lures get-url 0
Result: http://phish.internal.lan/...

Scenario B: CLI-based HTTP mode

phishlets hostname mysite attacker.com

phishlets http_mode mysite on

phishlets enable mysite

Phishlet YAML Configuration

  http_mode: true  # Enable HTTP mode by default
  
  proxy_hosts:
    - phish_sub: 'app'
      orig_sub: 'app'
      domain: 'target.local'
      orig_scheme: 'http'  # Connect to origin over HTTP

🤖 Generated with Claude Code

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/kgretzky/evilginx2/pull/1202 **Author:** [@jfmaes](https://github.com/jfmaes) **Created:** 1/31/2026 **Status:** 🔄 Open **Base:** `master` ← **Head:** `master` --- ### 📝 Commits (7) - [`5237344`](https://github.com/kgretzky/evilginx2/commit/5237344ac39e7e197a35b7f5a8995e014d718e8e) added HTTP support for security awareness campaigns - [`11e48fd`](https://github.com/kgretzky/evilginx2/commit/11e48fd5923a3337e4d10a579c1b9522a65905ea) updated .gitignore to exclude compiled binary - [`b89f613`](https://github.com/kgretzky/evilginx2/commit/b89f6138849ec6afa563c85b2c9289a240666b16) improved HTTP support documentation and lure URL generation - [`3ae072a`](https://github.com/kgretzky/evilginx2/commit/3ae072abf01e4b8f2ed230b716476bcc52596484) Merge pull request #1 from jfmaes/claude/add-http-support-7ERxo - [`9006cdb`](https://github.com/kgretzky/evilginx2/commit/9006cdbca6f2c04c0862d74130b700880599882f) http phishing! - [`7a3680f`](https://github.com/kgretzky/evilginx2/commit/7a3680fc79c08255d3d34ce53f311bbb82e08b2e) more fixes to HTTP - [`60b3b78`](https://github.com/kgretzky/evilginx2/commit/60b3b785a7ff6330bb407a0ddc0370421f25f946) no more claude. ### 📊 Changes **8 files changed** (+442 additions, -23 deletions) <details> <summary>View changed files</summary> 📝 `.gitignore` (+4 -0) 📝 `core/config.go` (+128 -0) 📝 `core/http_proxy.go` (+86 -7) 📝 `core/phishlet.go` (+61 -5) 📝 `core/terminal.go` (+57 -10) 📝 `main.go` (+1 -1) ➕ `phishlets/example-http.yaml` (+95 -0) 📝 `phishlets/example.yaml` (+10 -0) </details> ### 📄 Description Hey Mate I had to use evilginx for a HTTP target. had to patch and figured I'd share. ## Add HTTP Support for Security Awareness Campaigns Summary This PR adds comprehensive HTTP support to evilginx2, enabling security awareness campaigns and internal testing scenarios where TLS certificates are not required or available. This feature allows the phishing server to operate over plain HTTP and proxy to HTTP backend servers. ## Changes New Features 1. HTTP Phishing Server (http_mode) Phishing server can now listen on plain HTTP (no TLS required) Configurable via phishlet YAML: http_mode: true Configurable via CLI: phishlets http_mode <phishlet> on|off HTTP port configurable: config http_port <port> (default: 80) Automatically applies when phishlet is enabled if set in YAML 2. HTTP Origin Targets (orig_scheme) Proxy can connect to origin servers over HTTP instead of HTTPS Set per proxy_host in phishlet YAML: orig_scheme: 'http' Correctly routes requests to port 80 for HTTP origins 3. New Example Phishlet Added phishlets/example-http.yaml demonstrating HTTP support Includes comprehensive documentation and usage examples <img width="349" height="236" alt="image" src="https://github.com/user-attachments/assets/ec7a713d-b48d-4952-8c3a-ac6473a301f7" /> ## Usage Examples Scenario A: HTTP → HTTP (internal awareness campaign) : phishlets hostname example-http phish.internal.lan : phishlets enable example-http : lures create example-http : lures get-url 0 Result: http://phish.internal.lan/... Scenario B: CLI-based HTTP mode : phishlets hostname mysite attacker.com : phishlets http_mode mysite on : phishlets enable mysite ## Phishlet YAML Configuration ``` http_mode: true # Enable HTTP mode by default proxy_hosts: - phish_sub: 'app' orig_sub: 'app' domain: 'target.local' orig_scheme: 'http' # Connect to origin over HTTP ``` 🤖 Generated with Claude Code --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem added the

pull-request

label 2026-02-26 02:31:34 +03:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

dependabot/go_modules/golang.org/x/net-0.7.0

dependabot/go_modules/github.com/tidwall/gjson-1.9.3

dependabot/go_modules/github.com/miekg/dns-1.1.25

dev

v3.3.0

v3.2.0

v3.1.0

v3.0.0

2.4.0

2.3.0

2.2.0

2.0.0

Labels

Clear labels   

pull-request

Mirrored from GitHub Pull Request

No labels

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/evilginx2-kgretzky#197

No description provided.