evilginx2: Outlook phishlet missing correct domain? (goproxy related "Cannot write TLS response body from mitm'd client")

Hi,

I just tried out the latest version (2.3.0) of evilginx2 and played with outlook and o365 phishlets.

Strangely both fail, I assume because a domain is missing in the yaml (I am not really sure about this yet, as I just have to work my head around the config files).

When I open a browser, I see the login and password screens just as expected. However when I click on the submit of the password, I receive an error from Microsoft: screen

request-id 7d3deb1f-d842-4d91-b45e-833d6510c12e
X-Auth-Error Microsoft.Exchange.Clients.Security.MSSPErrorException
X-OWA-Version 15.20.1709.16
X-FEServer AM0PR05CA0071
X-BEServer AM0P195MB0276
Date:20/03/2019 21:40:05

Any ideas if the yaml needs to be adjusted?

At the same time the console gives continuous TLS errors 2019/03/20 21:39:55 [121] WARN: Cannot handshake client outlook.live.com remote error: tls: unknown certificate 2019/03/20 21:39:55 [124] WARN: Cannot handshake client login.live.com remote error: tls: unknown certificate

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Comments: 21 (4 by maintainers)

Most upvoted comments

Wow. Thanks for all this information. I will try to look into it as it is indeed strange. I’ve never experienced this behavior before.

+3
kgretzky on Mar 21, 2019
Read more comments on GitHub
← evilginx2: failed to obtain certificates when enable phishlets
Htmx.Net: Antiforgery header is not sent with hx-delete →