EvilnoVNC: 2FA bypassing by using a real browser over a noVNC connection

EvilnoVNC

EvilnoVNC is a Ready to go Phishing Platform.

Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection.

In addition, this tool allows us to see in real time all of the victim’s actions, access to their downloaded files, and the entire browser profile, including cookies, saved passwords, browsing history, and much more.

Features & To Do

•  Export Evil-Chromium profile to host
• Save download files on the host
•  Disable parameters in URL (like password)
•  Disable key combinations (like Alt+1 or Ctrl+S)
•  Disable access to Thunar
•  Decrypt cookies in real time
•  Dynamic resolution from preload page
•  Replicate real user-agent and other stuff
•  Basic keylogger

Install

Requirement

• Docker
• Chromium

Download

It’s recommended to clone the complete repository or download the zip file.
Additionally, it’s necessary to build Docker manually. You can do this by running the following commands:

git clone https://github.com/JoelGMSec/EvilnoVNC
cd EvilnoVNC ; sudo chown -R 103 Downloads
sudo docker build -t joelgmsec/evilnovnc .

Use

Tutorial

Copyright (C) 2022 JoelGMSec