EvilnoVNC is a Ready to go Phishing Platform. Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection.
In addition, this tool allows us to see in real-time all of the victim's actions, access to their downloaded files, and the entire browser profile, including cookies, saved passwords, browsing history, and much more.
Requirements
- Docker
- Chromium
Download
It's recommended to clone the complete repository or download the zip file.
Additionally, it's necessary to build Docker manually. You can do this by running the following commands:
git clone https://github.com/JoelGMSec/EvilnoVNC
cd EvilnoVNC ; sudo chown -R 103 Downloads
sudo docker build -t joelgmsec/evilnovnc .
Usage
./start.sh -h
_____ _ _ __ ___ _ ____
| ____|_ _(_) |_ __ __\ \ / / \ | |/ ___|
| _| \ \ / / | | '_ \ / _ \ \ / /| \| | |
| |___ \ V /| | | | | | (_) \ V / | |\ | |___
|_____| \_/ |_|_|_| |_|\___/ \_/ |_| \_|\____|
---------------- by @JoelGMSec --------------
Usage: ./start.sh $resolution $url
Examples:
1280x720 16bits: ./start.sh 1280x720x16 http://example.com
1280x720 24bits: ./start.sh 1280x720x24 http://example.com
1920x1080 16bits: ./start.sh 1920x1080x16 http://example.com
1920x1080 24bits: ./start.sh 1920x1080x24 http://example.com
The detailed guide of use can be found at the following link:
https://darkbyte.net/robando-sesiones-y-bypasseando-2fa-con-evilnovnc
Features & To Do
- Export Evil-Chromium profile to host
- Save download files on the host
- Disable parameters in URL (like a password)
- Disable key combinations (like Alt+1 or Ctrl+S)
- Disable access to Thunar
- Decrypt cookies in real-time
- Expand cookie life to 99999999999999999
- Dynamic title from the original website
- Dynamic resolution from preload page
- Replicate real user-agent and other stuff
- Basic keylogger
Credits and Acknowledgments
Original idea by @mrd0x: https://mrd0x.com/bypass-2fa-using-novnc
This tool has been created and designed from scratch by Joel Gámez Molina // @JoelGMSec