forked from kgretzky/evilginx
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CHANGELOG
36 lines (34 loc) · 2.45 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
version 1.1.0 (2017-06-01):
[+] Added iCloud.com support.
[+] Added Live.com support.
[+] Specifying domain name with 'setup --enable' is now optional if site was enabled before.
[+] Added ability to specify custom SSL/TLS certificates with --crt and --key arguments.
Custom certificates will be remembered and can be removed with --use_letsencrypt parameter.
[+] Added 'server_names_hash_bucket_size: 128' to support long hostnames.
[+] Fixed rare issue, which could be triggered when only visitor's email was identified at the time
of truncating logs, after parsing, breaking the chain of logged requests, which would miss an
email address on next parse.
[+] Fixed several typos in site config files. (@poweroftrue)
[+] Fixed issue with Nginx proxy bailing out on receiving too big upstream responses.
[+] Fixed issue with Facebook overwriting redirection cookie with 'deleted' (@poweroftrue)
[+] Fixed "speedbump" redirection for Google site config that asks user to provide his phone number.
[+] Fixed bug that would raise exception when disabling site configs without them being enabled first.
[+] Nginx access_log directory can now be changed with VAR_LOGS constant in evilginx.py.
[+] Added 'update.sh' file which should be executed after every 'git pull' to update nginx config files.
[+] Added Dockerfile
version 1.0.1 (2017-05-08):
[+] Fixed '[warn] duplicate MIME type "text/html"' warnings in /var/log/nginx/error.log.
[+] Added Kali Linux compatibility to install.sh script.
version 1.0 (2017-04-26) :
[+] Created central script for handling setup, parsing and generating urls.
[+] Added install.sh script that will single-handedly install Evilginx package on Debian.
[+] Added support for adding external site templates in framework-like manner.
[+] Added sites support for following websites: Facebook, Dropbox, Linkedin and new Google sign-in page.
[+] Reorganized code and directory structure to be more accessible for future development.
[+] Redirection URLs can now be embedded into phishing URLs using base64 encoding.
[+] Setup script allows to enable automatic logs parsing every minute.
[+] Setup script automatically handles SSL/TLS certificate retrieval from LetsEncrypt and its renewal.
[+] Added regular expressions for parsing POST arguments via .creds config files.
[+] Fixed: Opening Evilginx site via HTTP will now properly redirect to HTTPS.
[+] Fixed: 'Origin' and 'Referal' HTTP headers are now properly modified.
[+] Fixed: Minor bugs and stability issues.