thelocotauren

Hi Digip, the problem is not with the dns server, i understand why a dns poisoning attack wouldn't work, either by an internal verification or by hsts. But i'm accesing directly via another url, not facebook's url. Also, i've noticed that when i use it with an internal ip eg 192.168.0.X or 10.10.16.X, it works perfectly and doesn't show any alert. However, when i try it with a public ip or a free url service such as 000webhosting, it shows a phishing alert. I'm thinking maybe it detects certain known websites, but it's definitely strange. No other browser is picking it up.

Hi guys, im having troubles with the credential harvester. Im testing it with facebook on my local network, and firefox/Iceweasel doesn't detect anything, but chrome detects it after 5'. I've read that this is a built in function, not a blacklisted url. Does anybody know how to bypass this phishing alert? I've tried obfuscating the html code and that didin't work out. Thanks!