Awesome demonstration. Out of curiosity, is the Cookie you grabbed hard-coded for a specific period of time or since you hit stay logged in is the cookie valid until a new cookie is generated?
I actually don't know how long that is valid for in reality. Given I have only used this during short red-team engagements it's not something I have experimented with. This might help learn.microsoft.com/en-us/microsoft-365/enterprise/session-timeouts?view=o365-worldwide learn.microsoft.com/en-us/answers/questions/193907/persistentsession-cookies-keep-me-signed-in.html
No worries. I was just wondering. Our organization sees tons of phishing. Kudos to getting the link and certs in place. Definitely represents a more advanced phish campaign.
I DO NOT SEE THE USE...HELP ME OUT HERE. SAY YOU DO THIS FOR BANKING AND THEY NEED TO GO THROUGH THE SMS OR IN APP NOTIFICATION WHAT COOKIES DO YOU GET HOW YOU GET THAT?
@@CyberAttackDefense hey thanks for answering. I mean to delete my stupid comment as i later understood the cookie jar thing that happens later once the user enter the website it is redirected. I do not know if you know but you are the ONLY one who has a video on this topic i mean if you literally search allintitle: --- u are the only one. Would you be able to make a video on create our own phishlet. The amazing dude over at VillaRoot has one but it would be amazing having you also do a class.. Would you? thanks
I have one more video coming up on writing ransomware for ESXi then I will start the EvilGoPhish series. I will also extend it to internal phishing for more evil.
Please keep up the good work man. Your videos are amazing to comprehend.
Thanks, will do!
Awesome demonstration. Out of curiosity, is the Cookie you grabbed hard-coded for a specific period of time or since you hit stay logged in is the cookie valid until a new cookie is generated?
I actually don't know how long that is valid for in reality. Given I have only used this during short red-team engagements it's not something I have experimented with. This might help learn.microsoft.com/en-us/microsoft-365/enterprise/session-timeouts?view=o365-worldwide
learn.microsoft.com/en-us/answers/questions/193907/persistentsession-cookies-keep-me-signed-in.html
No worries. I was just wondering. Our organization sees tons of phishing. Kudos to getting the link and certs in place. Definitely represents a more advanced phish campaign.
I also wondered this. There's no way that the cookie are hard-coded. It has to have some limitations.
Great video.
I have a upcoming internal pentest at a company soon. When will this series be coming out? This is awesome.
Very soon! Hopefully early 2023
Thanks for sharing this; can you please indicate what type of MFA was using "the client"?
Microsoft Authenticator
Hey all well but one query if u have to launch campaign for 20 ppl then how should I need ti change the rid at server level or ?
You shouldn’t need to change the rid unless you’re changing the whole campaign
sir o365 template is not intercepting token on evilgnx2, so can you please share your Updated o3652 template please?
That template is part of the evilgophish repo
thanks for sharing l
You bet. Thanks for watching!
I DO NOT SEE THE USE...HELP ME OUT HERE. SAY YOU DO THIS FOR BANKING AND THEY NEED TO GO THROUGH THE SMS OR IN APP NOTIFICATION WHAT COOKIES DO YOU GET HOW YOU GET THAT?
The use here is you can steal the session token from a user once they authenticate using any method that’s not FIDO2 or magic link.
@@CyberAttackDefense hey thanks for answering. I mean to delete my stupid comment as i later understood the cookie jar thing that happens later once the user enter the website it is redirected. I do not know if you know but you are the ONLY one who has a video on this topic i mean if you literally search allintitle: --- u are the only one. Would you be able to make a video on create our own phishlet. The amazing dude over at VillaRoot has one but it would be amazing having you also do a class.. Would you?
thanks
@@user-jp4pl9dk9i Thanks for watching. I will demo evilginx3 when it comes out here soon as well just to keep everyone up to date.
What/who do you use for mx verification?
Sendgrid
I don't have the Landing Pages module.
Evilgophish has some different lures than evilginx2
@@CyberAttackDefense Yep but in this video you have it
@@CyberAttackDefense the link created by evilginx does not work
@@fabianpena7370 not sure. I used evilgophish repo try that.
does it still work for outlook as per 26 dec 2022 today?
As far as I know this still works.
@@CyberAttackDefense i tried but ot failed
@@novianindy887 So you enabled SSL/HTTPS?
can you do a tutorial on how to setup evilgophish?
I can. It will probably have to be a series to do the whole setup.
@@CyberAttackDefense oh wow yes please That would be awesome I don’t think there’s other tutorials on RUclips
@@CyberAttackDefense Yes please! This would be super useful! Hope you can start the series soon, im excited!
I have one more video coming up on writing ransomware for ESXi then I will start the EvilGoPhish series. I will also extend it to internal phishing for more evil.
@@CyberAttackDefense Thanks for your hardwork!!!
your password is visible at 4:58
:/ fix it?
Yep I knew that was going to happen so I changed them before I released this video
It’s ok he has MFA enabled.
@@JamesEtc3417 lol
Can u hack a hacker
Please make vd for install tool evilginx2
Ok I was planning on doing a setup video next.