Evilginx2 x GoPhish to hunt for 2fa / mfa passwords & Cookies using AWS & Godaddy

JayHill
5 min readJan 6, 2022

This is a walk through on how to setup Evilginx2 on an AWS server in order to use it with gophish to steal cookies during phishing attacks.

  1. Sign up for an Amazon AWS account at aws.amazon.com, then select and instance to run the Evilginx server on. I used a debian instance.
  2. Once AWS is installed you will need to install git. In order to do that update your AWS instance and upgrade it by running sudo apt-get update
  3. Next run sudo apt-get install git-all

4. You should now have git installed into your debian AWS instance.

5. Now its time to install. Go into your AWS instance. Go to https://gist.github.com/d2s/6503f815431d1587c28bc37bfd715dbf and use the bash script to install go, the article referenced above is a little outdated but should still work.

6. After running the go install script insure that go is working. By typing go it should return a similar response to the one below.

7. You may have to restart your AWS server sudo reboot, in order for it to work after the initial install.

8. Next install make, using sudo apt-get install make in your terminal.

9. Time to download evilginx2 from source in your terminal run:

git clone https://github.com/jayhill365/evilginx2.git

10. Go into the evilginx folder created and run make evilginx2 to build it.

11. Install evilginx2 globally sudo make install sudo evilginx

--

--