search

OWASP / QRLJacking

QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers.
GNU General Public License v3.0
1.33k stars 619 forks source link

Run command does not work, I tried many many things. #215

Closed stolktech closed 1 year ago

stolktech commented 1 year ago

Running the framework does not work. I tried kali (Virtualbox and native install) and ubuntu.

I installed the latest geckodriver and also tried some other versions. When typing 'run' it hangs for a while, and ends up with the message 'Run is not recognized as an internal command !'.

I also tried multiple python versions (even 3.7).

When I open the geckodriver logs, this is the output:

1686153643396 Marionette INFO Stopped listening on port 45983 Missing chrome or resource URL: resource://gre/modules/UpdateListener.jsm Missing chrome or resource URL: resource://gre/modules/UpdateListener.sys.mjs console.error: "Error during quit-application-granted: [Exception... \"File error: Not found\" nsresult: \"0x80520012 (NS_ERROR_FILE_NOT_FOUND)\" location: \"JS frame :: resource:///modules/BrowserGlue.jsm :: _onQuitApplicationGranted/tasks< :: line 1996\" data: no]" 1686153904559 geckodriver INFO Listening on 127.0.0.1:59633 1686153904579 mozrunner::runner INFO Running command: "/usr/bin/firefox" "--marionette" "--headless" "--remote-debugging-port" "48107" "--remote-allow-hosts" "localhost" "-no-remote" "-profile" "/tmp/rust_mozprofilezCumdJ" *** You are running in headless mode. 1686153904770 Marionette INFO Marionette enabled 1686153904773 Marionette INFO Listening on port 37693 WebDriver BiDi listening on ws://localhost:48107 Read port: 37693 1686153904855 RemoteAgent WARN TLS certificate errors will be ignored for this session [GFX1-]: RenderCompositorSWGL failed mapping default framebuffer, no dt console.warn: SearchSettings: "get: No settings file exists, new profile?" (new NotFoundError("Could not open the file at /tmp/rust_mozprofilezCumdJ/search.json.mozlz4", (void 0))) Missing chrome or resource URL: resource://gre/modules/UpdateListener.jsm Missing chrome or resource URL: resource://gre/modules/UpdateListener.sys.mjs DevTools listening on ws://localhost:48107/devtools/browser/53c100e6-fb5c-4b8e-a1b5-5c9fe1747acc

LucaReggiannini commented 1 year ago

Hello, please launch Qrljacker and use verbose and debug commands to increment the verbosity of the output. Write here the full output (from the program start to the error).

MrDark96 commented 1 year ago

Help me

QrlJacker Module(grabber/whatsapp) > run
[+] Using the default useragent
[!] Couldn't open Firefox! Check the installation instructions again!

QrlJacker Module(grabber/whatsapp) > verbose
[+] Verbose mode enabled!

QrlJacker Module(grabber/whatsapp) > debug
[+] Debug mode enabled!

QrlJacker Module(grabber/whatsapp) > set port 3999 [+] port => 3999

QrlJacker Module(grabber/whatsapp) > run
[+] Using the default useragent
Exception: WebDriver.init() got an unexpected keyword argument 'executable_path'
Trackback:
Traceback (most recent call last):
File "/root/Downloads/QRLJacking/QRLJacker/core/browser.py", line 76, in new_session
new_headless[module_name]["Controller"] = Firefox(profile, executable_path="/usr/local/share/geckodriver", capabilities=caps)#options=self.opts) # Inserting the browser object
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
TypeError: WebDriver.init() got an unexpected keyword argument 'executable_path'
[!] Couldn't open Firefox! Check the installation instructions again!

LucaReggiannini commented 1 year ago

Seems that this problem depends on Selenium (it seems a known issue) and not on QRLJacker. Please take a look at https://github.com/mintapi/mintapi/issues/603 for the temporary fix

MrDark96 commented 1 year ago

Thanks a lot for your Help The problem is solved