Infinite loading when entering Google Account name and pressing next

[EvilAdcid]

When I enter an account name and click "next" it will infinitely load with the blue bar at the top of the Google login box. There is no debug information besides this:

: 2019/10/12 13:46:33 [008] WARN: Cannot handshake client ssl.gstatic.com remote error: tls: unknown certificate
2019/10/12 13:46:34 [009] WARN: Cannot handshake client play.google.com remote error: tls: unknown certificate
2019/10/12 13:46:34 [010] WARN: Cannot handshake client accounts.google.com remote error: tls: unknown certificate
2019/10/12 13:46:34 [011] WARN: Cannot handshake client play.google.com remote error: tls: unknown certificate
2019/10/12 13:46:38 [012] WARN: Cannot handshake client accounts.google.com remote error: tls: unknown certificate
2019/10/12 13:46:47 [013] WARN: Cannot handshake client accounts.google.com remote error: tls: unknown certificate

But I do not think that is relevant to the problem.

Does this happen to anyone else? The username is also not logged but a session in EvilGinx is made with just the IP address.

[StratoMusic]

same error, server is in fr, dont know if thats an issue

[JSheadache]

When testing with master branch of evilginx2 and google.yaml by @ewhit I am able to get as far as username and password, however Google returns an error, "You are trying to sign in from a browser or app that doesn't allow us to keep your account secure.”

I tried this branch and phishlet out in hopes that the features would mitigate this issue. However I observed something similar to others in this post. The browser became 'stuck' and

POST /jserror HTTP/1.1
Host: accounts-google.com.

If anyone is interested to compare notes, you can drop me a line at zoomdeveloper@protonmail.com

[Fummowo]

When testing with master branch of evilginx2 and google.yaml by @ewhit I am able to get as far as username and password, however Google returns an error, "You are trying to sign in from a browser or app that doesn't allow us to keep your account secure.”

I tried this branch and phishlet out in hopes that the features would mitigate this issue. However I observed something similar to others in this post. The browser became 'stuck' and

POST /jserror HTTP/1.1
Host: accounts-google.com.

If anyone is interested to compare notes, you can drop me a line at zoomdeveloper@protonmail.com

I believe that you only get this error when using Google Chrome. From my testing, I can enter information on another browser such as edge without it detecting anything unusual.

[Fummowo]

Nevermind, i've just tried out @ewhit's version and although it grabs the username and password, whatever browser you are on, google manages to detect it and will not sign you in, meaning you don't receive a cookie.

[horllste]

That’s normal, study js bypass and you should be able to get pass it

[petr209]

I have the same issue, and I was tinkering around and found out that the problem is here :
replace: 'accounts-google.com.{domain}',

I tried to change the accounts-google.com to many different strings and then it would go to the next page saying sorry your browser is not secure

[horllste]

You have to bypass js, read the other related issues