Test Modlishka MFA Bypass
Open up a new private browsing window, then visit http://modlishka.docker/?rid=test0001. We’ll make up a fake rid value to help us track our progress.
Go through the authentication flow. You can Modlishka seamlessly handles the redirects and the MFA authentication flow.
So we are stuck at a loading screen. this is because we hit the terminate trigger URL while loading a page.
If we refresh the page we’ll get redirected to our termination URL. Kind of jarring, but still acceptable.
Now that we’ve completed our login, lets check out the Modlishka data. Open http://modlishka.docker/livewell/, login with the credentials we configured (phisherman:phisherpass).
Click View Cookies on our testing UUID.
Now we can copy the value of the authentik_session cookie. Open http://auth.target.docker:9000 in a new private browsing window, and update the cookie value using developer tools.
Once completed, visit the root URL again http://auth.target.docker:9000/
We are now logged in as the target.