Sessions cookies outlook not work #374
Comments
|
I am having the same issue too. First I thought it was the new version, but even the old versions doesn't work. Any suggestion or any other tool that possibly work? Not sure what has changed though, I captured a cookie and based on what I see, the auth tokens and the credentials part are the same. Unless there has been a change in sub_filters or proxy hosts... |
|
why is this closed? |
|
i am getting this error #248 any help? |
|
This was fixed in 3d85ff9 |
Hey @kgretzky thanks for replying, i haven't tried yet that version but this is the error that i am getting #248 Where are you hosting or suggest to host? I saw that guy mentioned local it worked, but on DO didn't, im currently using one cloud hosting and i get that error. Any idea? |
|
Sorry, but i'used the 2.3.2 version now, i'v not error in evilginx2 , the sessions is captured with 2fa, but when i use the cookies session in chrome it's not recognize, i trying to import in another module firefox and chrome but nothing work. |
|
hosting in my hyper-v home + VPN, but with all other phishers it works very well, as with Yahoo or linkedin. I have a problem just with the outlook cookie, I have tested there 6 months in the same condition without any problems. |
|
For o365 error, you need to modify Yaml file, because it's federated domain name, doesn't working in state |
|
@kgretzky This is still an issue. I tried versions 2.3.2 and 2.3.3 but still unable to use the captured cookie/session. Could you please look into this when you get a chance? |
|
@frdaz For outlook i seem to be stuck in this issue #248 Any idea? For o365, im using as default as it has commented the lines for federated domains, and testing just with outlook email, and it gives me this error after entering email: https://gyazo.com/431a3b3f96bdb8da25e669280de3976d @alecmoran1 So you have outlook working too? besides the sessions, it logs you in normally? where are you hosting? |
Yeah I have no problem with that. We are hosting it locally. Maybe try Amazon or Azure. |
|
Ok for resume. I'v no error with outlook phishlet, i capture fine all cookie with the 2fa, but when i copy the session cookie in addin google chrome "editthiscookie", i cannot login to outlook.live.com, i'v no authentication and i'm redirect to homepage login outlook.live.com . i used chrome 77 and i testing with another cookie editor and testing with firefox, but nothing work. @kgretzky any idea ? |
@kgretzky I second this. I captured the Microsoft cookie and compared it with the yaml file but couldn't see any differences, not sure why it is not working anymore. I even tested this with the versions it was working before like 2.2.0 --About 6 months ago. Not sure what has changed. |
|
Hello, this morning in France, I'v tested. Several things. I found 2 issues I tested with Chrome 70+ "editthiscookie" and with firefox + 70 cookie-editor and everything works i'v modified outlook.yaml auth:token keys with keys: ['WLSSC', 'RPSSecAuth'] and all works fine Many thx for Evilginx |
|
@frdaz any way to contact you to try and troubleshoot this issues together? |
|
Posting guidelines clearly state that this is not a place to ask for help with phishlets. I do not provide any support for them. You can fix the phishlet and send a PR that I will merge. |
Hey, Thanks for sharing this with us. So, I did downgrade my chrome version to Version 70.0.3538.67 (Official Build) (64-bit) and also edited my yaml file and turned into this as you mentioned:
Now, I am getting another cookie along with the first cookie captured but still unable to add the cookie. Could you please verify if you changed anything else? Thank you very much to you and @kgretzky. |
|
Hello, sorry but how update evilginx2 to 2.3.2 ? |
i already used evilginx last year and work fine for test outlook cookies sessions
but i retest yesterday, and when capture sessions cookies for outlook, i can't retrieve a session when i paste cookie in Chrome ou firefox.
it seems that Microsoft has changed the management of cookies, anyone have any info?
The text was updated successfully, but these errors were encountered: