search

OWASP / QRLJacking

QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers.
GNU General Public License v3.0
1.35k stars 615 forks source link

What is the problem guys #159

Closed shelby-67 closed 3 years ago

shelby-67 commented 3 years ago

[+] Using the default useragent [+] Running a thread to keep the QR image [whatsapp] Exception in thread QR updater thread: Traceback (most recent call last): File "/usr/lib/python3.9/threading.py", line 954, in _bootstrap_inner self.run() File "/usr/lib/python3.9/threading.py", line 892, in run self._target(*self._args, *self._kwargs) File "/root/QRLJacking/QRLJacker/core/browser.py", line 133, in website_qr controller = self.browsers[module_name]["Controller"] KeyError: 'whatsapp' [+] Waiting for sessions on whatsapp [+] Running a thread to detect Idle once it happens then click the QR reload button [whatsapp] Exception in thread Idle detector thread: Traceback (most recent call last): File "/usr/lib/python3.9/threading.py", line 954, in _bootstrap_inner self.run() File "/usr/lib/python3.9/threading.py", line 892, in run self._target(self._args, **self._kwargs) File "/root/QRLJacking/QRLJacker/core/browser.py", line 149, in check_img controller = self.browsers[module_name]["Controller"] KeyError: 'whatsapp' [+] Initializing webserver... [whatsapp]

QrlJacker Module(grabber/whatsapp) > Exception in thread Webserver manager thread: Traceback (most recent call last): File "/usr/lib/python3.9/threading.py", line 954, in _bootstrap_inner self.run() File "/usr/lib/python3.9/threading.py", line 892, in run self._target(*self._args, **self._kwargs) File "/root/QRLJacking/QRLJacker/core/browser.py", line 167, in serve_module self.browsers[module_name]["host"] = "http://"+host KeyError: 'whatsapp'

melbadry9 commented 3 years ago

Please make sure to check closed/pinned issues.