News Feed
  • DrugHub has agreed to fully refund all users who lost money in the SuperMarket exit scam.  
  • Retro Market has gone offline. Circumstances of the closure unknown.  
  • SuperMarket has closed following an exit scam by one of the admins.  
  • The admin of Incognito Market, Pharoah, has been arrested by the FBI several months after exit scamming.  
  • Silk RoadTorhoo mini logo
  • darknet markets list
  • Popular P2P exchange LocalMonero has announced it is closing.  

Problem with Evilginx – Credentials Captured but No Cookies : hacking | Torhoo darknet markets

I’m working on a phishlet for a specific site using Evilginx. Everything seems to be set up correctly:
I’ve added all important domains under proxy_hosts with sessions enabled Subfilters are in place and working Auth tokens and auth URLs are properly defined
I’m successfully getting the username and password.
But the issue is:
I’m not getting any cookies in the session log. Literally nothing is captured under session tokens.
So I looked in inspect and erorr and found the site uses (wss://) for the login/auth process and
that's the erorr (webSocket connection to wss://app.mydomain/graphql failed: )
and i think that's the issue but idk how to solve it
what should i do?
/u/hacker P
2 points
1 week ago
You're not seeing session cookies in Evilginx because the target site uses secure WebSockets (wss://) for authentication, and Evilginx doesn’t handle WebSocket traffic unless explicitly configured. To resolve this, update your phishlet by adding websocket: true under the relevant proxy_hosts entry. This will allow Evilginx to proxy WebSocket connections properly, enabling token or cookie capture. If the tokens are passed in WebSocket headers, you might also need to use sub_filters to extract them. If Evilginx still fails to capture the session, consider switching to a tool like mitmproxy, which offers full WebSocket support.
/u/100mtoosmall
1 points
1 week ago
phishlet is most likely bad. if your mod is stable enough for users to stay on it and input info then phishlet bad
/u/nameuser01
1 points
1 week ago
[removed by moderators]
/u/AutoModerator M
1 points
1 week ago
Why?

This comment was posted automatically by a bot. All AutoModerator settings are configured by individual communities. Contact this community's Moderators to have your post approved if you believe this was in error.
  • Sponsors
VigorSwap Instant Crypto Exchange
FraudGPT

  • Explore Torhoo!

© Torhoo! 2025

All links are for educational and research purposes only. Torhoo! does not vouch for any site.

Advertise on Torhoo