Comments
@palevelmode 7 days ago
Doing RTO, but I understand the concepts more as you explain them. Though I find it a little harder to perform the attacks following your approach. This is great.
@villaroot 7 days ago
Best of luck on rto! Glad the video was helpful!
@palevelmode 7 days ago
Is the lab your own? Can you do another red team attack in the future? Various Kerberos attacks maybe?
@AdityaChaurasiya-ln3lp 8 days ago
The perfect solution I was looking for
@villaroot 7 days ago
Nice! I'm glad it was helpful!
@Resolumatique 9 days ago
How to configure evilginx
@villaroot 7 days ago
Hey! I used to have a video on configuration but KZbin gave me a slap on the wrist and deleted it for 'illegal activities'
@aki-fi3gk 28 days ago
Do you need to have a vps like digital ocean for evilginx?
@villaroot 27 days ago
Yeah you would need a vps, digital ocean works good
@phillydee3592 1 month ago
Great vid, can you refer me to a video where I can add this vulnerable template in my DC to test these, thank you
@villaroot 1 month ago
I don't know of a video, but the steps are pretty simple. You can duplicate or copy the Kerberos template to make a new template. Then just check the box for 'supply in request' in the 'subject name' tab.
@phillydee3592 1 month ago
@villaroot Cool, thank you, much appreciated 🙏
@Tathamet 1 month ago
Great video thanks!
@pierobazan2660 1 month ago
THANKSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS <3
@villaroot 1 month ago
Very welcome:)
@adamsmith_1337 1 month ago
thank you for information sir
@user-jb8de9sd1y 2 months ago
Your video got deleted, can you send me that video, I don’t know how to set up evilginx2, always getting an error with letsencrypt
@user-bc4gp4nr5v 2 months ago
new upload??
@dmustakasjr 2 months ago
First 9 mins of setup is key. Penetration test(ers) need to know those key details in order to be able to fully demonstrate the technical information in any report to a client. Thank you for including that.
@sharellgee 2 months ago
please am getting this error [err] cert_db: failed to load certificate key-pair: tls: private key does not match public key
@smbsid 2 months ago
Very good video.
@mr.forensics8285 2 months ago
I don't think you added the link for setting up the local website. Can you verify the link in the description?
@user-xl1kd8iq3n 3 months ago
Thanks for the very insightful video. I've made it very close to the end but currently stuck. When I pull up a session, the username / password fields are blank. What am I missing here and where can I go to fix it? Also, will it fetch the creds even if they are incorrect? Thank you!
@SzaboB33 3 months ago
Excellent video, I learned this attack from this video half a year ago but I have one question that still: If the HTTP NTLM authentication would use HTTPS instead of just cleartext, how would that change this attack vector if at all?
@villaroot 3 months ago
Thanks for the support! I was digging more into the HTTPS mitigation. And it looks like just having HTTPS won't fix it, it also has to have extended protection and authentication (EPA) set to 'required'. support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
@janetIewis3902 4 months ago
Does it still work for evilginx3
@SrRunsis 4 months ago
Great vid man!
@villaroot 4 months ago
Thanks!
@PatrickHener 4 months ago
Hi there. Original tool creator here. Thanks for reviewing my tool. I really love the clear instructions that you gave to set it up. I didn't really think of this as a use case with domain and such. Also I am sorry that the UI was not clear enough when it comes to uploading. I will take away 2 issues here which I will look into as a future improvement of the tool. This is a) start upload directly after drag and drop without the need to press the "X" and b) integrate with lets encrypt for automatically pulling a valid certificate. I cannot promise that I am able to resolve both of those though. Nonetheless, have a good one.
@villaroot 4 months ago
Hey, an honor to have you see this review video! Those would be great additions to the tool. Thanks for creating Goshs because it's been my favorite way to transfer files, even for personal use, so I use it all the time.
@PatrickHener 4 months ago
@villaroot I have added the features with release v0.3.8. Be sure to check it out.
@lavenderstyle4579 4 months ago
i did it but how do i make it for my voce chat server
@nlinley 4 months ago
Does the disable outbound ntlm gpo setting provide any protection on dc's that allow ntlm v1?
@shinigamiryoutaro 4 months ago
Somehow did not work on Arch
@villaroot 4 months ago
You're smarter than me for using Arch. I can only wish you the best on your journey. But I'll see if I do find any details I'll let you know
@shinigamiryoutaro 4 months ago
@villaroot Thanks
@orhangut 5 months ago
You rock! Please keep sharing and producing content. Hopefully in the not too distant future KZbin will show more of this useful content in the foreground.
@villaroot 5 months ago
Thanks! I really appreciate that!
@itay1207 5 months ago
great video
@girl4632 5 months ago
Hey, how did you create your own testing website and use evilginx on it, as my evilginx keeps on saying tls certificate error. As I am using my website with a self-signed certificate
@user-li8ps5qu7h 5 months ago
Hi. I just came across this video. You've done a really great job and I would like to see more. Do you have a discord channel where students come together, ask questions and you help with answers?
@villaroot 5 months ago
Thanks for the support, and I'm glad you are enjoying my videos!! I don't have a discord channel, tbh I didn't think anyone would care enough to join one from me lol.
@user-li8ps5qu7h 5 months ago
lol well I will. I came across some phishlets on github which I downloaded. I use ssh bitvise which gives me the privilege of being able to drag any file into the server. So I dragged the phishlets into the evilginx folder in the server but when I executed the program I didn't find any of the phishlets in there. What could be wrong? Also can I edit an existing phishlet for a completely different program? @villaroot
@JohnSmith-wz7he 6 months ago
Great Clip! Thank you. Would be great one day if you covered all 8 🙂
@villaroot 6 months ago
I was wondering if that would be valuable to ppl. So thanks for letting me know it might be!
@orhangut 6 months ago
Thanks, you save my day (maybe days :) )
@girl4632 7 months ago
Ya one more thing please reply. I set up my own mail server using postfix but it didn't work, I mean I sent email to a Gmail address, it said your ip isn't in authenticated ip list contact isp. What is this all things.
@girl4632 7 months ago
Hey, could you tell about domains. There is a 30 day period only for domain or ssl. And how buying a deleted domain changes things, does it really or not?
@villaroot 7 months ago
Hi, yes buying an expired domain does make a big difference. A new domain can set off alerts on the client machine if you are downloading files from it. One of the checks is if a domain is more than 30 days old.
@girl4632 7 months ago
@villaroot Mark me if I am wrong. But won't when we purchase a deleted domain its dns registry show the day we purchased, so won't it be called newly purchased. It actually shows the new date of the day we purchased it. Thanks a lot for your reply. Your one reply made me loyal to you. And what about new ssl certificates, I was watching a video and this fact too popped up.
@villaroot 7 months ago
Thanks for the support! And I'm honestly not too sure how much the purchased date matters. But I do know the total age does matter a lot, especially since you can see if it's already categorized.
@girl4632 7 months ago
@villaroot Your knowledge sharing and support towards followers deserves our support. But where this total age is given. As in DNS record it will show the new date of purchase. And what's the role of categorisation and what it is.
@villaroot 7 months ago
Categorization is like a grouping of different types of websites which results in a risk rating. For example if your website is hosting malware or something like evilginx, it will eventually get detected as 'malware' and given a high risk rating. If it's a normal site that blogs about traveling, it will be put in a group related to 'traveling information' and given a 'low risk' rating. New sites that have never hosted anything are categorized as like medium or high rating I think. Then comes into play when clients have web filters or detection software. So if you buy a site that was previously a low risk, then that will probably pass detections on a target's workstation.
@hotplugin0x01 7 months ago
Please more adcs videos
@skrskr9000 7 months ago
Version 3 is out so is this one not gonna work now?
@villaroot 7 months ago
I believe the format for the phishlets are still the same. The only difference I can remember is at the top, you have to put version 3 instead of 2
@skrskr9000 7 months ago
@villaroot ok thanks. Thanks so much for this, the burp suite trick is definitely what I was missing. I just need to watch this a few more times
@meysamabedi4806 7 months ago
pls more videos about evilginx thanks
@jpcapone 8 months ago
I just wanted to thank you for getting this information out there. You also broke it down in a very easy to understand way. Most importantly you shed light on the remediation path. Other posts have been vague to misleading when it comes to how you should fix this vulnerability. Thank YOU!!!
@villaroot 8 months ago
Very welcome! I'm glad you enjoyed the work I put into it!
@deepakraj-kn2fp 8 months ago
could you make videos for multiple domain with firewall in a AD
@dumindachamara8918 8 months ago
Hi can you please show how to do this in Windows 10 machine?
@Raja-ct9xq 9 months ago
Appreciate your efforts in making this demo. Very informative.😊
@MohdAqeelasif 9 months ago
good one 👍🏻
@nancydelagarzaarzeta808 9 months ago
Quick question about which evilginx course I should take. evilginx professional course or evilginx mastery course ❓ sort of on a budget atm!
@Alantrait 9 months ago
Hey bro yeah I have the ginx mastery course
@geeeX3 10 months ago
Hi Villaroot, I came across your videos and they’ve been helpful. Is it possible to send the login data (email, password & cookies) to email instead of checking evilginx all the time
@villaroot 10 months ago
That's an interesting idea. I haven't seen it documented anywhere, but it's probably possible to set up an SMTP server in the same network as the Evilginx server and automation check if creds were captured every 5 minutes or so. And then email it if there were new captures. I'll probably mess with that over the holidays
@geeeX3 10 months ago
@villaroot I think I saw something like that on a post but that's not what I mean. Although I am still working on it but I want to try something different like adding an ajax submit to the phishlet via js_inject to post the form data to external url.
@NitishKumarPatra 10 months ago
Can we eject the cd icon later on or is it required to be there all the time?
@villaroot 10 months ago
You can eject it later on. It pretty much just needed to be there so that you can run the installation script. Once that script is run, you are good to remove the disk.
@NitishKumarPatra 10 months ago
@villaroot Hey thanks 👍
@devonschulz3415 10 months ago
thx bro, but I think we will require more details than this. Especially for those of us who have not used burpsuite before. How do we get each param of the phishlets yaml file from burpsuite?
@guy2355 10 months ago
Thanks for this informative video
@streamkeeper4462 10 months ago
Literally just enroll in SimplerHacking’s evilginx3 course he just released. He explains everything a lot better on his repos
@mybiggestdreamsfulfilled1028 10 months ago
Is there an easier way to do this? Are you using multiple aws ssh instances for this? If yes, how are you switching between them? I don't know if I can do this with putty. If no, are you running burpsuite on a separate virtual machine like VMware?
@elidort8529 10 months ago
You got any idea on how to send the captured cookies and credentials to a telegram bot?
@villaroot 10 months ago
I don't know if there's a way. I haven't messed with telegram bots to really understand how they can be set up. I have been asked that a few times though, so maybe someone has a post about it in some corner of the Internet
@elidort8529 10 months ago
@villaroot okay. In case I find out, I will let you know.
@user-ff2ro4sf5w 11 months ago
how to make result go to dashboard panel?
@user-ff2ro4sf5w 11 months ago
why link after i make it close when i close putty < i want fix that > please help me
@villaroot 11 months ago
If you close putty, your link should still be active. Putty will close your connection to the server but the server and Evilginx will remain active
@user-ff2ro4sf5w 11 months ago
can I do dashboard to see result cookies there? @villaroot
@georgesiere161 11 months ago
Excellent run through!
@i_am_dumb1070 11 months ago
Dear sir, I have watched and followed along with these 4 videos. I am a noob in cybersecurity so I have some questions: whois lookup will disclose our identity because of this domain, so are there any services which provide temporary domains? Also we are hosting on cloud and it is easily traceable as we put a lot of personal data while making an account so it would be easy to find us; is there any private cloud hosting service where we can pay in monero, etc. and easily spin up a server? Also for the emails I learned from your video how to hide the phish url, but what about the email address we are sending from, like gmail; it will be linked back to us, so is there any service to get a temporary email or any email provider which keeps our info hidden from law enforcement? What I want to know is how this happens in the real world, because the method you showed is good for targeting friends and family but not for any company. I have no ill intent, I just passed high school and have been learning on tryhackme and online courses so I am just curious.