remove hidden IOC header

sidneysimas · Mar 14, 2023 · 186e8cf · 186e8cf
1 parent b2dd698
commit 186e8cf
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 20 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -60,4 +60,8 @@ Added `Cisco VPN` phishlet, merged pull request that allows operators to get sou
 
 # 02/03/2023
 
-Added some improved logic for logging credentials to `GoPhish` where sometimes the username parameter of a phishlet was lost due to not checking if it was empty. This should improve the overall user experience and credential logging.
+Added some improved logic for logging credentials to `GoPhish` where sometimes the username parameter of a phishlet was lost due to not checking if it was empty. This should improve the overall user experience and credential logging.
+
+# 03/14/2023
+
+Removed a "X-Evilginx" header IOC that was hidden as a XOR encrypted byte array.
diff --git a/README.md b/README.md
@@ -203,20 +203,7 @@ See the `CHANGELOG.md` file for changes made since the initial release.
 
 ## Issues and Support
 
-**READ THIS BEFORE OPENING AN ISSUE** 
-
-Follow these rules. This is open-source software that I am providing at no cost to anyone and I am trying to help/create for people. I will not tolerate being spoken/written to in a disrespectful manner or people continuously opening issues for things I have specifically stated not to. Failure to follow these rules will result in a deletion of your opened issue(s) and a potential blocking of your account if you continue spamming. 
-
-I am mostly looking for legitimate bugs in code or enhancement opportunities. The nature of this project is that it combines two different tools related to social engineering and there is a certain level of prerequisite knowledge that is required to successfully use it. With that being said, **DO NOT OPEN ISSUES FOR**:
-
-- How to use/setup `GoPhish`, `evilginx2`, or `Apache2`
-- Phishlets
-- `SSL` certificates
-- `DNS`
-- Port forwarding
-- Setup issues with visible socket, `DNS`, or other errors in your output that aren't issues with this project
-
-If you think you've encountered a genuine bug, use `ISSUE_TEMPLATE.md` as a template for submitting an issue. Issues without output are highly likely to be ignored/deleted.
+I do this for fun and on my free time, but I also work a full-time job so I will not respond to issues unless I see benefit. Issues without output are highly likely to be ignored/deleted.
 
 ## Future Goals
 

diff --git a/evilginx2/core/http_proxy.go b/evilginx2/core/http_proxy.go
@@ -610,11 +610,6 @@ func NewHttpProxy(hostname string, port int, cfg *Config, crt_db *CertDb, db *da
                         req.Body = ioutil.NopCloser(bytes.NewBuffer([]byte(body)))
                     }
                 }
-                e := []byte{208, 165, 205, 254, 225, 228, 239, 225, 230, 240}
-                for n, b := range e {
-                    e[n] = b ^ 0x88
-                }
-                req.Header.Set(string(e), e_host)
 
                 if pl != nil && len(pl.authUrls) > 0 && ps.SessionId != "" {
                     s, ok := p.sessions[ps.SessionId]