# Evilginx2$ Penetration Testing Course
## Section 1: Introduction to Evilginx2$
### Overview of Evilginx2$
Evilginx2$ is a powerful man-in-the-middle (MITM) attack framework designed primarily for phishing and credential harvesting. This tool operates by acting as a reverse proxy to intercept and modify communications between a user and a target service, allowing attackers to capture sensitive information such as usernames and passwords without the user being aware of the attack.
Evilginx2$ is particularly effective against two-factor authentication (2FA) systems because it can relay authentication tokens directly to the attacker, allowing them to bypass many forms of security that rely on these additional verification steps.
This section of the course focuses on the installation, configuration, and usage of Evilginx2$ specifically for penetration testing purposes, emphasizing ethical considerations and legal compliance.
### Installation of Evilginx2$
To install Evilginx2$ on Kali Linux, you need to ensure that your system meets the necessary prerequisites. You should have a working installation of Kali Linux, and it's recommended to have root privileges.
1. **Update Your System**
Make sure your Kali Linux is up to date by running the following commands:
```bash
sudo apt update && sudo apt upgrade -y
```
2. **Install Dependencies**
Evilginx2$ requires several dependencies to function correctly. Install them using:
```bash
sudo apt install git make golang -y
```
3. **Clone the Evilginx2$ Repository**
Navigate to your desired directory and clone the Evilginx2$ GitHub repository:
```bash
git clone https://github.com/kgretzky/evilginx2.git
```
4. **Build the Project**
Change to the Evilginx2$ directory and build the project:
```bash
cd evilginx2
make
```
5. **Configure Your Domain**
Evilginx2$ requires a domain to use for phishing. You can either purchase a domain or use a free subdomain. Update the `config.yaml` file with your domain information:
```yaml
domain: "yourdomain.com"
```
6. **Run Evilginx2$**
You can start Evilginx2$ by running:
```bash
sudo ./evilginx
```
### Configuration of Evilginx2$
Once Evilginx2$ is running, you need to configure it for the specific services you plan to target. This involves setting up phishing templates and defining the services (such as Google, Facebook, etc.) you wish to capture credentials from.
1. **Create a New Phishing Scenario**
Use the following command to create a new scenario:
```
add https://target.service.com
```
2. **Set Up SSL**
It is crucial to use valid SSL certificates to avoid alerting the target users. You can obtain free SSL certificates from Let's Encrypt or use the ones provided by the Evilginx2$ tool.
3. **Modify the Template**
Depending on the service you're targeting, you may need to modify the phishing page template that Evilginx2$ provides. This involves:
- Editing the HTML/CSS to ensure it closely resembles the target site.
- Ensuring that the necessary JavaScript for token handling is included.
4. **Testing the Configuration**
Verify your setup by navigating to the phishing URL using a safe test environment to ensure everything is working as intended.
### Step-by-Step Usage and Real-World Use Cases
In this section, we will delve into the step-by-step usage of Evilginx2$ to perform a penetration test using a phishing scenario against a popular service.
#### Use Case 1: Phishing for Google Credentials
1. **Set Up the Evilginx2$ Environment**
Ensure Evilginx2$ is running and you have configured it for Google. The default template will often need minor adjustments for the user interface to match Google's login page.
2. **Generate a Phishing URL**
After configuring the phishing scenario, generate the phishing URL:
```
phishing_url: https://yourdomain.com/login
```
3. **Send the Phishing Link**
In a controlled test environment, send this link to users or internal staff requesting them to log in. You can do this through email or other communication methods.
4. **Capture Credentials**
Once users enter their credentials on the phishing page, Evilginx2$ will capture this data in real time. You can view the captured data by running:
```
show creds
```
5. **Testing 2FA Bypass**
If users have 2FA enabled, Evilginx2$ will forward the second factor to the attacker, allowing access to the actual account without needing the second authentication method.
#### Use Case 2: Testing Multi-Factor Authentication Systems
With many services increasingly using multi-factor authentication, the real-world application of Evilginx2$ shines in testing these systems for vulnerabilities.
1. **Choose a Target**
Decide which service you want to test for multi-factor authentication weaknesses.
2. **Set Up Scenarios**
As with phishing for credentials, configure Evilginx2$ with the multi-factor authentication paths in mind. This often involves intercepting both the primary credentials and the secondary verification codes.
3. **Conduct the Test**
Send links to your test users (ensure compliance and obtain permission). Monitor the Evilginx2$ console for captured tokens and codes.
4. **Analyze Results**
After running the test, review the results to understand how well the multi-factor authentication holds up against phishing attempts. Document any vulnerabilities or weaknesses found.
### Detailed Technical Explanations
Evilginx2$ operates by utilizing several advanced techniques to bypass security mechanisms. Here are a few key concepts that define its operation:
- **Man-in-the-Middle Proxying**: Evilginx2$ acts as a proxy server, intercepting the traffic between the client and the target service. By doing so, it can manipulate requests and responses seamlessly.
- **SSL Stripping**: The framework employs SSL stripping techniques to downgrade connections when appropriate. This can trick users into inputting their credentials over an unsecured channel.
- **Session Token Relaying**: Evilginx2$ can capture and relay session tokens, granting attackers access to the target accounts without needing to re-enter credentials.
- **Template Customization**: One of the most critical aspects of a successful phishing operation is the visual fidelity of the phishing page. Evilginx2$ allows extensive customization of its templates, which can make it difficult for users to recognize the malicious page.
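The session-token relaying described above works because a password or a one-time code is not bound to the site the user is actually on. As an added example (not code from this course or from the Evilginx2 project), the model below shows why an origin-bound factor such as a WebAuthn assertion does not survive a relaying proxy: the browser records its real origin in `clientDataJSON`, the authenticator signs a hash of that data, and the relying party rejects both the wrong origin and any attempt to rewrite it. The RP ID, both origins, the credential key and the HMAC stand-in for the ECDSA signature are constructed assumptions.

```python
import hashlib
import hmac
import json

# Constructed values for this example; the RP ID and both origins are assumed names.
RP_ID = "target.service.example"
EXPECTED_ORIGIN = "https://target.service.example"
PHISHING_ORIGIN = "https://yourdomain.example"
CREDENTIAL_KEY = b"constructed-demo-key"  # stand-in for the credential's key pair

def browser_client_data(origin: str, challenge: bytes) -> bytes:
    # The browser records the origin it is really on; the page and any proxy cannot set it.
    return json.dumps({"type": "webauthn.get", "challenge": challenge.hex(),
                       "origin": origin}).encode()

def authenticator_assert(client_data: bytes) -> dict:
    """Authenticator side: sign authenticatorData || SHA-256(clientDataJSON).
    HMAC-SHA256 stands in for the ECDSA signature a real authenticator produces."""
    auth_data = hashlib.sha256(RP_ID.encode()).digest() + b"\x05\x00\x00\x00\x01"
    signed = auth_data + hashlib.sha256(client_data).digest()
    return {"authenticatorData": auth_data, "clientDataJSON": client_data,
            "signature": hmac.new(CREDENTIAL_KEY, signed, hashlib.sha256).digest()}

def rp_verify(assertion: dict, challenge: bytes) -> tuple:
    """Relying-party checks, simplified from the WebAuthn assertion verification steps."""
    cd = json.loads(assertion["clientDataJSON"])
    if cd.get("type") != "webauthn.get":
        return False, "wrong ceremony type"
    if cd.get("challenge") != challenge.hex():
        return False, "challenge mismatch"
    if cd.get("origin") != EXPECTED_ORIGIN:
        return False, "origin mismatch: " + str(cd.get("origin"))
    ad = assertion["authenticatorData"]
    if ad[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return False, "rpIdHash mismatch"
    signed = ad + hashlib.sha256(assertion["clientDataJSON"]).digest()
    expected = hmac.new(CREDENTIAL_KEY, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, assertion["signature"]):
        return False, "signature does not cover this clientDataJSON"
    return True, "ok"

def login_from(browser_origin: str, challenge: bytes, proxy_rewrites_origin: bool = False) -> tuple:
    """One ceremony with the browser on browser_origin. A relaying proxy can rewrite the
    origin inside clientDataJSON, but cannot re-sign it without the credential key."""
    assertion = authenticator_assert(browser_client_data(browser_origin, challenge))
    if proxy_rewrites_origin:
        cd = json.loads(assertion["clientDataJSON"])
        cd["origin"] = EXPECTED_ORIGIN
        assertion["clientDataJSON"] = json.dumps(cd).encode()
    return rp_verify(assertion, challenge)
```

In a real browser the ceremony fails even earlier, since the browser refuses to use an RP ID that does not match the origin the page is loaded from; the model skips that step so the relying-party checks can be shown.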
### External Reference Links
- [Evilginx2$ GitHub Repository](https://github.com/kgretzky/evilginx2)
- [Penetration Testing for Ethical Hacking](https://www.offensive-security.com/)
- [OWASP Phishing Guidelines](https://owasp.org/www-community/Phishing)
- [Understanding Man-in-the-Middle Attacks](https://www.csoonline.com/article/3318376/what-is-a-man-in-the-middle-attack-how-it-works-and-how-to-prevent-it.html)
### Code Examples for WordPress
If you wish to document your findings or report the vulnerabilities discovered during the penetration test, WordPress can be an effective platform. Below is an example of how to insert code in WordPress that details your Evilginx2$ findings.
```markdown
# Penetration Testing Report: Evilginx2$ Usage
## Overview
During the test, we utilized Evilginx2$ to assess the security of [Target Service]. The following findings were recorded.
## Findings
1. **Credentials Captured**
- User: `[email protected]`
- Password: `password123`
2. **2FA Token Captured**
- Token: `123456`
## Recommendations
- **Enhanced User Education**: Users should be educated on identifying phishing attempts.
- **Additional Security Layers**: Implementing advanced security measures such as Web Application Firewalls (WAF) to detect and mitigate phishing activities can be beneficial.
## Conclusion
Evilginx2$ is a potent tool for ethical hackers to evaluate phishing susceptibility and improve organizational defenses.
```
---
This concludes Section 1 of the Evilginx2$ Penetration Testing course.
Made by pablo rotem / פבלו רותם