• v3.0.0 1ac3d10271

    v3.0.0 Stable

    kerem released this 2023-05-10 12:04:32 +03:00 | 38 commits to master since this release

    📅 Originally published on GitHub: Wed, 10 May 2023 09:13:22 GMT
    🏷️ Git tag created: Wed, 10 May 2023 09:04:32 GMT

    • Feature: TLS certificates from LetsEncrypt will now get automatically renewed.
    • Feature: Automated retrieval and renewal of LetsEncrypt TLS certificates is now managed by the certmagic library.
    • Feature: Authentication tokens can now be captured not only from cookies, but also from response body and HTTP headers.
    • Feature: Phishing pages can now be embedded inside of iframes.
    • Feature: Changed redirection after successful session capture from Location header redirection to injected JavaScript redirection.
    • Feature: Changed config file from config.yaml to config.json, permanently changing the configuration format to JSON.
    • Feature: Changed open-source license from GPL to BSD-3.
    • Feature: Added the always modifier for capturing authentication cookies, which forces capture of a cookie even if it has no expiration time.
    • Feature: Added phishlet <phishlet> command to show details of a specific phishlet.
    • Feature: Added phishlet templates, which allow child phishlets to be created with custom parameters like a pre-configured subdomain or domain. Parameters can be defined anywhere in the phishlet file as {param_name}, and every occurrence will be replaced with the pre-configured parameter values of the created child phishlet.
    • Feature: Added phishlet create command to create child phishlets from template phishlets.
    • Feature: Renamed lure templates to lure redirectors due to name conflict with phishlet templates.
    • Feature: Added {orig_hostname} and {orig_domain} support for sub_filters phishlet setting.
    • Feature: Added {basedomain} and {basedomain_regexp} support for sub_filters phishlet setting.
    • Fixed: One target can now have multiple phishing sessions active for several different phishlets.
    • Fixed: Cookie capture from HTTP packet response will not stop mid-term, ignoring missing opt cookies, when all authentication cookies are already captured.
    • Fixed: trigger_paths regexp will now match the full string instead of matching when only part of it is found in the URL path.
    • Fixed: Phishlet table rows are now sorted alphabetically.
    • Fixed: Improved phishing session management to always create a new session when a lure URL is hit and the session cookie is not present, even when an IP whitelist is set.
    • Fixed: WebSocket connections are now properly proxied.