I want to use traefik with evilginx. I have tried everything and all i get is page not found and ERR_TOO_MANY_REDIRECTS. Any help would be appreciated. thank you.
How about you share your configuration, then we can have a look at it. Traefik static and dynamic config, and docker-compose.yml
if used.
Although I am not sure if I want to support "Evilginx is a man-in-the-middle attack framework used for phishing credentials and session cookies".
Thank you for the reply @bluepuma77. This is my traefik Config. and im using evilginx for internally on my services.
version: "3.8"
services:
traefik:
image: "traefik:latest"
container_name: "traefik"
command:
- "--global.checknewversion=true"
- "--global.sendanonymoususage=false"
- "--log=true"
- "--log.level=INFO"
- "--api.dashboard=true"
- "--api.insecure=true"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.letsencrypt.acme.email=test@gmail.com"
- "--certificatesresolvers.letsencrypt.acme.storage=/traefik/letsencrypt/acme.json"
- "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge.entryPoint=web"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--certificatesresolvers.letsencrypt.acme.caserver=https://acme-v02.api.letsencrypt.org/directory"
#- "--certificatesresolvers.letsencrypt.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--providers.docker.watch=true"
- "--providers.file.filename=/traefik/tlsconfig.yml"
restart: always
networks:
- proxy
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./config:/traefik
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`dashboard.mydomain.com`)"
- "traefik.http.middlewares.traefik-auth.basicauth.users=admin:hash"
- "traefik.http.routers.traefik.middlewares=traefik-auth"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.tls=true"
- "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
networks:
proxy:
external: true
volumes:
config:
my evilginx compose
version: "3.9"
services:
evilginx:
build: .
container_name: evilginx
restart: always
networks:
- proxy
volumes:
- './config:/root/.evilginx/'
- './templates:/app/templates'
- './phishlets:/app/phishlets'
stdin_open: true
tty: true
labels:
- "traefik.enable=true"
- "traefik.http.routers.evilginx.rule=Host(`evil.mydomain.com`,`login.evil.mydomain.com`) || HostRegexp(`{subdomain:[az0-9]+}.evil.mydomain.com`)"
- "traefik.http.routers.evilginx.service=evilginx"
- "traefik.http.routers.evilginx.tls=true"
- "traefik.http.routers.evilginx.tls.certresolver=letsencrypt"
- "traefik.http.services.evilginx.loadbalancer.server.port=443"
- "traefik.docker.network=proxy"
volumes:
data:
networks:
proxy:
external: true
Can you kindly format your config with 3 backticks before/after or using button </>
for easier reading?
You have two TLS challenge types enabled, decide for one.
Not sure if this line is necessary:
traefik.http.services.traefik.loadbalancer.server.port=8080
Are you sure you want Traefik to terminate TLS and then forward requests to a TLS port?
Check Traefik access log (format JSON provides more info), the log of your service and your bowsers developer tools network tab to find out who is redirecting where.
only one tls is enabled. The second one is commented out. port 8080 if for traefik admin dashboard
You set
That’s the port Traefik uses to forward requests to in the target service container.
thats for evilginx. i did port 80 and port 443 same problem. because evilginx uses that port 80 in local container.