evilginx2

Added Dropbox Phishlet

Open charlesbel opened this issue 4 years ago • 3 comments

Fully working!

charlesbel, Mar 30 '21 10:03

~This doesn't work or at least isn't working anymore.~

  1. There are obvious JS checks that aren't replaced. The checks don't block login per se but may affect other things.
     ```js
     n.assertDropboxDomain = function (e) {
         var n = document.createElement('a');
         n.href = e;
         var t = n.hostname || window.location.hostname;
         if (-1 === t.indexOf('.dropbox.com', t.length - '.dropbox.com'.length)) throw new Error('Cannot send the CSRF token to ' + t)
       }
     })),
     ```
  2. Importing cookies doesn't result in getting a logged-in session. This is because evilginx's cookies have a different sameSite value from what Dropbox is expecting. Real: `"sameSite": "no_restriction"`, evilginx: `"sameSite": null`. This issue may be due to the JS checks which aren't properly cleared, but I don't know for certain.

ghost, Sep 03 '21 13:09
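For site owners reading along, the kind of hostname check quoted in the comment above can be written as a small allow-list test. This is an added example, not Dropbox's or evilginx2's code; the function names and the `.example` hostnames are constructed for illustration, and unlike the quoted snippet this variant also accepts the bare apex domain.

```javascript
// Added example: hostname allow-list check in the spirit of the quoted
// assertDropboxDomain snippet. Names and sample hosts are hypothetical.

function hostnameOf(url, pageOrigin) {
  // WHATWG URL parsing lowercases the host and resolves relative URLs
  // against the page origin (the role window.location plays in a browser).
  const host = new URL(url, pageOrigin).hostname;
  return host.replace(/\.$/, ''); // drop a trailing root dot ("a.com.")
}

function isAllowedHost(hostname, apex) {
  // Exact apex match, or a true subdomain. The leading dot is what stops
  // look-alikes such as "evildropbox.com" from passing a suffix test.
  return hostname === apex || hostname.endsWith('.' + apex);
}

function assertAllowedDomain(url, pageOrigin, apex) {
  const host = hostnameOf(url, pageOrigin);
  if (!isAllowedHost(host, apex)) {
    // Same failure mode as the quoted check: refuse to attach the token.
    throw new Error('Cannot send the CSRF token to ' + host);
  }
  return host;
}

function demo() {
  const apex = 'dropbox.com';
  const cases = [
    ['/ajax', 'https://www.dropbox.com'],        // relative URL, real origin
    ['/ajax', 'https://login.proxy.example'],    // page served from another host
    ['https://evildropbox.com/x', 'https://www.dropbox.com'],
    ['https://dropbox.com.proxy.example/x', 'https://www.dropbox.com'],
  ];
  return cases.map(([url, origin]) => {
    try {
      return assertAllowedDomain(url, origin, apex);
    } catch (err) {
      return 'blocked: ' + err.message;
    }
  });
}

console.log(demo());
```

A check like this only protects the token when it runs unmodified in the user's browser, so it is best paired with server-side validation of the `Origin` header.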

Thanks @TomAbel. According to what you said, I fixed it and now cookies work well. Some of the things you said weren't true, but you helped me, thanks.

charlesbel, Sep 04 '21 20:09

> Thanks @TomAbel. According to what you said, I fixed it and now cookies work well. Some of the things you said weren't true, but you helped me, thanks.

Cheers. I didn't focus too deep into this to test out my claims when commenting. Removed the incorrect details. Glad to hear you got it working.

ghost, Sep 04 '21 20:09