search

EmpireProject / Empire

Empire is a PowerShell and Python post-exploitation agent.
http://www.powershellempire.com/
BSD 3-Clause "New" or "Revised" License
7.39k stars 2.81k forks source link

onedrive: Something went wrong, HTTP response 401, error code [70002]: AADSTS70002: The provided request must include a 'client_secret' input parameter. #1303

Closed theoneandonly-vector closed 5 years ago

theoneandonly-vector commented 5 years ago

Empire Version

2.5

OS Information (Linux flavor, Python version)

Kali Rolling using python 2.7

Expected behavior and description of the error, including any actions taken immediately prior to the error. The more detail the better.

set ClientID (CLIENTID) execute -> open link in firefox to get (AUTHCODE) set AuthCode (AUTHCODE) execute

Screenshot of error, embedded text output, or Pastebin link to the error

(Empire: listeners/onedrive) > execute [] Starting listener 'onedrive' [!] Something went wrong, HTTP response 401, error code [70002]: AADSTS70002: The provided request must include a 'client_secret' input parameter. Trace ID: (TRACE_ID) Correlation ID: (CORR_ID) Timestamp: (TIMESTAMP) Exception in thread Thread-8: Traceback (most recent call last): File "/usr/lib/python2.7/threading.py", line 801, in bootstrap_inner self.run() File "/opt/Empire/lib/common/helpers.py", line 936, in run self.run_backup() File "/usr/lib/python2.7/threading.py", line 754, in run self.target(self.args, **self.kwargs) File "/opt/Empire//lib/listeners/onedrive.py", line 619, in start_server token = get_token(client_id, auth_code) File "/opt/Empire//lib/listeners/onedrive.py", line 496, in get_token r_token['expires_at'] = time.time() + (int)(r_token['expires_in']) - 15 KeyError: 'expires_in'

Any additional information

mr64bit commented 5 years ago

This has been fixed in the dev branch, will be released to master shortly.

theoneandonly-vector commented 5 years ago

hm.. what exactly is CLientSecret? I thought it was Application Secrets -> Password but that's not working.

mr64bit commented 5 years ago

Application password is correct. Is it giving the same error message?

On Mon, Jan 21, 2019 at 6:36 PM theoneandonly-vector < notifications@github.com> wrote:

hm.. what exactly is CLientSecret? I thought it was Application Secrets -> Password but that's not working.

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/EmpireProject/Empire/issues/1303#issuecomment-456225115, or mute the thread https://github.com/notifications/unsubscribe-auth/ACFwUDQ8HNnHBzNKCTC71YsEq6Qex2Uxks5vFk8QgaJpZM4Z88KQ .

theoneandonly-vector commented 5 years ago

it tells me invalid client secret is provided

theoneandonly-vector commented 5 years ago

weird thing.. after re-trying its working now (didn't even change the client secret option in empire but now I get another error.. (screenshot) image

theoneandonly-vector commented 5 years ago

just tried again from scratch, working now.