QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers.
QrlJacker Module(grabber/whatsapp) > run
[+] Using the default useragent
[+] Running a thread to keep the QR image [whatsapp]
Exception in thread QR updater thread:
Traceback (most recent call last):
[+] Waiting for sessions on whatsapp
File "/usr/lib/python3.10/threading.py", line 1016, in _bootstrap_inner
self.run()
File "/usr/lib/python3.10/threading.py", line 953, in run
[+] Running a thread to detect Idle once it happens then click the QR reload button [whatsapp]
self._target(*self._args, **self._kwargs)
File "/home/kali/Downloads/QRLJacking/QRLJacker/core/browser.py", line 133, in website_qr
[+] Initializing webserver... [whatsapp]
Exception in thread Idle detector thread:
QrlJacker Module(grabber/whatsapp) > Traceback (most recent call last):
File "/usr/lib/python3.10/threading.py", line 1016, in _bootstrap_inner
Exception in thread Webserver manager thread:
Traceback (most recent call last):
self.run()
File "/usr/lib/python3.10/threading.py", line 1016, in _bootstrap_inner
controller = self.browsers[module_name]["Controller"]
KeyError: 'whatsapp'
File "/usr/lib/python3.10/threading.py", line 953, in run
self._target(*self._args, *self._kwargs)
File "/home/kali/Downloads/QRLJacking/QRLJacker/core/browser.py", line 149, in check_img
self.run()
File "/usr/lib/python3.10/threading.py", line 953, in run
controller = self.browsers[module_name]["Controller"]
KeyError: 'whatsapp'
self._target(self._args, **self._kwargs)
File "/home/kali/Downloads/QRLJacking/QRLJacker/core/browser.py", line 167, in serve_module
self.browsers[module_name]["host"] = "http://"+host
KeyError: 'whatsapp'
QrlJacker Module(grabber/whatsapp) > run [+] Using the default useragent [+] Running a thread to keep the QR image [whatsapp] Exception in thread QR updater thread: Traceback (most recent call last): [+] Waiting for sessions on whatsapp File "/usr/lib/python3.10/threading.py", line 1016, in _bootstrap_inner self.run() File "/usr/lib/python3.10/threading.py", line 953, in run [+] Running a thread to detect Idle once it happens then click the QR reload button [whatsapp] self._target(*self._args, **self._kwargs) File "/home/kali/Downloads/QRLJacking/QRLJacker/core/browser.py", line 133, in website_qr [+] Initializing webserver... [whatsapp] Exception in thread Idle detector thread:
QrlJacker Module(grabber/whatsapp) > Traceback (most recent call last): File "/usr/lib/python3.10/threading.py", line 1016, in _bootstrap_inner Exception in thread Webserver manager thread: Traceback (most recent call last): self.run() File "/usr/lib/python3.10/threading.py", line 1016, in _bootstrap_inner controller = self.browsers[module_name]["Controller"] KeyError: 'whatsapp' File "/usr/lib/python3.10/threading.py", line 953, in run self._target(*self._args, *self._kwargs) File "/home/kali/Downloads/QRLJacking/QRLJacker/core/browser.py", line 149, in check_img self.run() File "/usr/lib/python3.10/threading.py", line 953, in run controller = self.browsers[module_name]["Controller"] KeyError: 'whatsapp' self._target(self._args, **self._kwargs) File "/home/kali/Downloads/QRLJacking/QRLJacker/core/browser.py", line 167, in serve_module self.browsers[module_name]["host"] = "http://"+host KeyError: 'whatsapp'