Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

js_inject will not trigger #904

Open
lhost25 opened this issue May 28, 2023 · 9 comments
Open

js_inject will not trigger #904

lhost25 opened this issue May 28, 2023 · 9 comments

Comments

@lhost25
Copy link

lhost25 commented May 28, 2023
edited
Loading

With version 3.0, JS Injection will not trigger in o365. anyone know a new settings for this? I am having difficulty with this or maybe i am doing something wrong. @kgretzky

js_inject:

  • trigger_domains: ["login.microsoftonline.com"]
    trigger_paths: ["/common/oauth2/","/","/*"]

DO NOT ASK FOR PHISHLETS.

DO NOT ASK FOR HELP CREATING PHISHLETS.

DO NOT ASK TO FIX PHISHLETS.

DO NOT ADVERTISE OR TRY TO SELL PHISHLETS.

EXPECT A BAN OTHERWISE. THANK YOU!

REPORT ONLY BUGS OR FEATURE SUGGESTIONS.
@lhost25
Copy link
Author

lhost25 commented May 30, 2023

Its working, your the one making a mistake

thanks for your response bro. I am talking about version 3.0. i build and i tried it with o365 but it wont work after opening in browser. it will only show office page and not fill the email.

do you know what i am doing wrong? kindly please share bro.

Thanks.

@shareblux
Copy link

Hi, did you find a solution to this yet? im having same issue

@lhost25
Copy link
Author

lhost25 commented May 31, 2023

I said you guys should find me on telegram. I have the fix, i would show you'll samples

bro whatever its should be sharing in public here because of different people that might be encountering same problem. i speak for all people that might be facing the same issues.

Thanks.

@shareblux
Copy link

@maxibrainz10

yes please help if you can

@An0nUD4Y
Copy link
Contributor

An0nUD4Y commented Jun 10, 2023
edited
Loading

Checkout the changelog

Fixed: trigger_paths regexp will now match a full string instead of triggering true when just part of it is detected in URL path.

Also if you wanna revert it.
Modify line 909 in core/phishlet.go file

evilginx2/core/phishlet.go

Line 909 in 1ac3d10

re, err := regexp.Compile("^" + d + "$")

This line : re, err := regexp.Compile("^" + d + "$")
with : re, err := regexp.Compile(d)

Working for me.

@lhost25
Copy link
Author

lhost25 commented Jun 30, 2023

Checkout the changelog

Fixed: trigger_paths regexp will now match a full string instead of triggering true when just part of it is detected in URL path.

Also if you wanna revert it. Modify line 909 in core/phishlet.go file

evilginx2/core/phishlet.go

Line 909 in 1ac3d10

re, err := regexp.Compile("^" + d + "$")

This line : re, err := regexp.Compile("^" + d + "$") with : re, err := regexp.Compile(d)

Working for me.

It work bro and thanks for this.

lastly do you have any idea how i can make this adfs? I tried the settings and it's not working.

@lhost25
Copy link
Author

lhost25 commented Jul 16, 2023

I would not be sharing the inject script. But this should solve it

js_inject:

  • trigger_domains: ["login.microsoftonline.com"]
    trigger_paths: ["/common/oauth2/v2.0/authorize*"]
    script: your script here.

and what is script for?

@othiniel17
Copy link

hello how do I start the program on the computer help me

@othiniel17
Copy link

hello how do I start the software on the computer help me

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@An0nUD4Y @lhost25 @shareblux @othiniel17 and others