Divina Posted February 15, 2023

Hi, I have a registered domain, which is hosted on an Ubuntu server. It has a valid certificate and is accessible. I installed evilginx2 on that machine as well, but came to know it produces a port conflict (both the web server and evilginx2 use port 443), so the setup is problematic. Upon the evilginx2 command - 'phishlets enable okta' - I was able to successfully generate a certificate.

However, trying to operate evilginx2 on a different server (Debian), due to the ports conflict issue, when evilginx2 tries to generate a certificate, it produces the following errors:

acme: Error -> One or more domains had a problem:
[example.mydomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: <ip_address>: Invalid response from http://example.mydomain.com/.well-known/acme-challenge/bivLYVcw77MxEYT4YVRuraLD84wqS9zhDPWNYZ6EACM: 404, url:
[login.mydomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: <ip_address>: Invalid response from http://login.mydomain.com/.well-known/acme-challenge/2vRb0_BMD1U2UOt9xjPHaMOV10mE3_dcuuBBZVg2wV0: 404, url:
[mydomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: <ip_address>: Invalid response from https://mydomain.com/.well-known/acme-challenge/6I8p_RSElaMSL8l2Rf_5iigGCJJzTbMFPiKrD8D-MUI: 404, url:

Why does cert generation work on the server holding the domain, but fail on the Debian machine with evilginx? Any advice would help!

Irukandji Posted February 15, 2023

This is an ethical hacking forum..
Divina Posted February 15, 2023 Author Share Posted February 15, 2023 So where should I post this? Link to comment Share on other sites More sharing options...

digininja Posted February 15, 2023

What are you planning to use this for? What are you trying to achieve?
Divina Posted February 15, 2023 Author Share Posted February 15, 2023 the purpose is to use it on myself, to learn the tool. Can you assist? Link to comment Share on other sites More sharing options...

digininja Posted February 15, 2023

From what I can see, using domain-based authentication, it will only give the certificate to the server that is pointed at by the domain, so your Debian box isn't allowed the certificate as it can't show it owns the domain.

dark_pyrro Posted February 15, 2023

I guess that Let's Encrypt is used, judging from briefly reading the evilginx2 documentation (and also by looking at the previously posted output). The "HTTP-01 challenge" at least needs port 80 to be open to verify control of a domain.

digininja Posted February 15, 2023

For free certificates it will be LE. LE can handle port 443 as the only port.

Archived
This topic is now archived and is closed to further replies.