evilginx2: failed to obtain certificates when enable phishlets
Hi sir, I just want to use evilginx2 for testing purposes on a local network. So I downloaded the precompiled version for Linux and configured it following your README (no offense, but you missed the 's' for phishlet on https://github.com/kgretzky/evilginx2#getting-started).
./evilginx
: config domain kali.local
: config ip 192.168.125.138
: phishlets hostname outlook my.phishing.kali.local
But when I enable phishlets outlook I got the error below.
: phishlets enable outlook
[14:55:26] [inf] enabled phishlet 'outlook'
[14:55:26] [inf] setting up certificates for phishlet 'outlook'...
[14:55:26] [war] failed to load certificate files for phishlet 'outlook', domain 'my.phishing.kali.local': open /root/.evilginx/crt/my.phishing.kali.local/outlook.crt: no such file or directory
[14:55:26] [inf] requesting SSL/TLS certificates from LetsEncrypt...
[14:55:29] [err] [outlook.my.phishing.kali.local] acme: Error 400 - urn:acme:error:malformed - Error creating new authz :: Name does not end in a public suffix
[14:55:29] [err] [login.my.phishing.kali.local] acme: Error 400 - urn:acme:error:malformed - Error creating new authz :: Name does not end in a public suffix
[14:55:29] [err] [account.my.phishing.kali.local] acme: Error 400 - urn:acme:error:malformed - Error creating new authz :: Name does not end in a public suffix
[14:55:29] [!!!] failed to obtain certificates
[14:55:29] [inf] disabled phishlet 'outlook'
About this issue
- State: closed
- Created 6 years ago
- Comments: 15 (1 by maintainers)
Commits related to this issue
- Add 's' for phishlets command Correction thanks to @j3ssie's https://github.com/kgretzky/evilginx2/issues/2 issue. — committed to wikijm/evilginx2 by wikijm 6 years ago
I just thought that we might do that in a local network that we totally control. But btw thanks for the answer, it's very clear.
Hi @j3ssie,
It’s not an issue, but a normal response.
You are trying to get a certificate from Let's Encrypt for a private IP address, which is not possible. You have to use a public IP address, a valid public domain name that you own, and the ability to redirect requests made on ports 80 and 443 from the Internet to your local VM IP.