OWASP / QRLJacking

QRLJacking, or Quick Response Code Login Jacking, is a simple-but-nasty attack vector affecting all applications that rely on the “Login with QR code” feature as a secure way to log into accounts; the attacker's aim is to hijack users' sessions.
GNU General Public License v3.0

QRL Code is being replaced #143

Closed karthik07m closed 3 years ago

karthik07m commented 3 years ago

After some QRL code image is being replaced by "CLICK TO RELOAD QR CODE". Please find the image below.

demurk commented 3 years ago

Had the same problem. You need to change the file QRLJacking/QRLJacker/core/modules/grabber/whatsapp.py. Replace the string

img_reload_button = '/html/body/div[1]/div/div/div[2]/div[1]/div/div[2]/div/span/div'

with

img_reload_button = '/html/body/div/div[1]/div/div[2]/div[1]/div/div[2]/div/span/button'

This worked for me

cristbaby commented 3 years ago

It worked perfectly for me