Doing actual logins (enhancement)

[trueToastedCode]

What's the point of collection someone's Google login data like this.... especially since Google has 2fa for everyone.

• Fake front end
• A backend that uses this data not only for collection, but generating real sessions
• Let the user validate the login

I understand there is https://github.com/kgretzky/evilginx2 but it has to be hosted in a VPS, while security researchers could use this a lot easier.

[dmdhrumilmistry]

Hi @trueToastedCode,

GooglePhish was initially started as one of my weekend project to understand web technology. Back then I was more focused on learning the tech stack so didn't care about sessions.

I'll add it to my TODOs list for this project. Before that, I need to find better way to capture user session.

[jimblonde100]

i m just learning here....
how do i update the Env File template?
any commands to do in terminal ?

[dmdhrumilmistry]

i m just learning here.... how do i update the Env File template? any commands to do in terminal ?

Hi @jimblonde100,

Let's track this in another issue: #54