Divina Posted February 15 Share Posted February 15 Hi, I have a registered domain, which is hosted on ubuntu server. It has a valid certificate and is accessible. I installed evilginx2 on that machine as well, but came to know it produces a port conflict (both web server and evilginx2 use port 443), so the setup is problematic. Upon the evilginx2 command - 'phishlets enable okta' - I was able to successfully generate a certificate. However, trying to operate evilginx2 on a different server (Debian), due to the ports conflict issue, -when evilginx2 tries to generate a certificate, it produces the following errors: acme: Error -> One or more domains had a problem: [example.mydomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: <ip_address>: Invalid response from http://example.mydomain.com/.well-known/acme-challenge/bivLYVcw77MxEYT4YVRuraLD84wqS9zhDPWNYZ6EACM: 404, url: [login.mydomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: <ip_address>: Invalid response from http://login.mydomain.com/.well-known/acme-challenge/2vRb0_BMD1U2UOt9xjPHaMOV10mE3_dcuuBBZVg2wV0: 404, url: [mydomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: <ip_address>: Invalid response from https://mydomain.com/.well-known/acme-challenge/6I8p_RSElaMSL8l2Rf_5iigGCJJzTbMFPiKrD8D-MUI: 404, url: Why cert generation works on the server holding the domain, but fails on the debian machine with evilginx? any advice would help! Quote Link to comment Share on other sites More sharing options...
Irukandji Posted February 15 Share Posted February 15 This is a ethical hacking forum.. Quote Link to comment Share on other sites More sharing options...
Divina Posted February 15 Author Share Posted February 15 So where should I post this? Quote Link to comment Share on other sites More sharing options...
digininja Posted February 15 Share Posted February 15 What are you planning to use this for? What are you trying to achieve? Quote Link to comment Share on other sites More sharing options...
Divina Posted February 15 Author Share Posted February 15 the purpose is to use it on myself, to learn the tool. Can you assist? Quote Link to comment Share on other sites More sharing options...
digininja Posted February 15 Share Posted February 15 From what I can see, using domain based authentication, it will only give the certificate to the server that is pointed at by the domain, so your Debian box isn't allowed the certificate as it can't show it owns the domain. Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 15 Share Posted February 15 I guess that Letsencrypt is used judging from briefly reading the evilginx2 documentation (and also by looking at the previously posted output). The "HTTP-01 challenge" at least needs port 80 to be open to verify control of a domain. Quote Link to comment Share on other sites More sharing options...
digininja Posted February 15 Share Posted February 15 For free certificates it will be LE. LE can handle port 443 as the only port. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.