Modlishka
Modlishka copied to clipboard
drk1wi
Cookie disabled error message
whenever I try to log in with my URL it says cookies not enabled Please how do I fix this, I have my config file below please I need corrections
{
"proxyDomain": "my.phishingdomain.com",
"listeningAddress": "0.0.0.0",
"proxyAddress": "",
"target": "account.g
oogle.com", "targetResources": "content.googleapis.com,www.gstatic.com,ssl.gstatic.com,ogs.google.com,accounts.google.com,clients1.google.com,clients2.google.com,clients3.google.com,clients4.google.com,clients5.google.com,clients6.google.com", "rules": "", "terminateTriggers": "", "terminateRedirectUrl": "", "trackingCookie": "ident", "trackingParam": "ident", "jsRules":"", "jsReflectParam": "reflect", "debug": false, "forceHTTPS": false, "forceHTTP": false, "dynamicMode": true, "logPostOnly": false, "disableSecurity": false, "log": "google.log", "plugins": "all", "credParams": "dHJ1ZVxdLCIoKD86XHcrW1wuXC1cX10pezAsfVx3KykiXQ==,XGJudWxsLFxbIihbYS16QS1aMC05IiEiIyQlJicoKSorLC0uLzo7PD0+P0BeX2B7fH1+XSspIixudWxsXGI=",
@#drk1wi
`
@drk1wi Please why do we keep getting this cookies disable error and how do we resolve it Tool Contributors please help out @bordeux @infosecwatchman @jbuhacoff @0xflotus @Brainloop-Security @arch4ngel @dan-sra @dzsibi @wisdark @amasser @gnsisfun @whitemike889 @killvxk
Thanks!! Hope tool still works tho 💯
Hard to say what the issue is with the configuration without implementing the server and inspecting Google's logic as it's initialized.
As a reverse proxy, Modlishka itself is working perfectly. There's likely been a change in the application (Google) to prevent the reverse proxy approach from intercepting tokens while operating as a MITM. I recommend inspecting JavaScript to determine if any checks on the FQDN/URL is being performed and patching that logic with a rule.
If rules are for some reason insufficient, it may be necessary to write a custom plugin or patch Modlishka itself.
Tool Creator should work on this, it ain't making no sense that the default json file (Google) is not updated cause seeing that work on Google tells us that it definitely works on all sites
@drk1wi please resolve google.json file to stop this cookie disabled error
Experiencing same issue Google keeps saying cookies disabled I've used different browsers, same on safari, chrome, Opera and even Microsoft edge so it's definitely not from the browser but the tool configuration Need help @drk1wi @arch4ngel
Pretty bold of you to lash out at someone willing to share their code with you @Bibleman1. Maintaining configuration files could be a full time job given that web applications are perpetually receiving updates, especially widely used corporate applications like Google.
I've already said it once but I'll be more blunt this time:
- review Google's source code to determine where/how the cookie checks are being applied
- develop a plug-in or patch Modlishka to handle the check accordingly
- there are several examples in the plug-in directory
As a full-time tester, I don't have the bandwidth to do this work for you.
@drk1wi Please why do we keep getting this cookies disable error and how do we resolve it Tool Contributors please help out @bordeux @infosecwatchman @jbuhacoff @0xflotus @Brainloop-Security @arch4ngel @dan-sra @dzsibi @wisdark @amasser @gnsisfun @whitemike889 @killvxk
Thanks!! Hope tool still works tho 100
you are just an arrogant writer , you have got no good mode of approach
