search

OWASP / QRLJacking

QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers.
GNU General Public License v3.0
1.35k stars 615 forks source link

Is this project dead ? #240

Open dr1408 opened 8 months ago

dr1408 commented 8 months ago

Im using arm7 phone and made it work with unrooted termux and xfce desktop to export display to vnc i got the sessions captured but when i eter any conversation on firefox in the vnc firefox crashes immediately

this is the geckodriver traceback

Crash Annotation GraphicsCriticalError: |[C0][GFX1-]: CompositorBridgeChild receives IPC close with reason=AbnormalShutdown (t=80.6358) Exiting due to channel error. Exiting due to channel error. 1705551185835 geckodriver INFO Listening on 127.0.0.1:39869 1705551195254 mozrunner::runner INFO Running command: MOZ_CRASHREPORTER="1" MOZ_CRASHREPORTER_NO_REPORT="1" MOZ_CRASHREPORTER_SHUTDOWN="1" MOZ_NO_REMOTE="1" "/dat ... 46607" "--remote-allow-hosts" "localhost" "-no-remote" "-profile" "/data/data/com.termux/files/> Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 console.warn: services.settings: Ignoring preference override of remote settings server console.warn: services.settings: Allow by setting MOZ_REMOTE_SETTINGS_DEVTOOLS=1 in the environment Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 Read port: 39865 1705551197478 Marionette INFO Marionette enabled Read port: 39865 Read port: 39865 1705551197732 Marionette INFO Listening on port 36577 Read port: 36577 WebDriver BiDi listening on ws://127.0.0.1:46607 1705551198233 RemoteAgent WARN TLS certificate errors will be ignored for this session console.error: ({}) console.error: "Translations: SIMD not supported" (new CompileError("at offset 15: bad type", "chrome://global/content/translations/simd-detect-worker.js", 14)) DevTools listening on ws://127.0.0.1:46607/devtools/browser/a45657dd-1c54-44ff-ba84-056b9b8dd960 JavaScript warning: https://web.whatsapp.com/main.0cf917fc9b3d8f353e54.js, line 5: unreachable code after return statement JavaScript warning: https://web.whatsapp.com/main.0cf917fc9b3d8f353e54.js, line 5: unreachable code after return statement JavaScript error: resource://gre/modules/PromiseWorker.sys.mjs, line 102: Error: Could not get children of file(/data/data/com.termux/files/usr/tmp/rust_mozprofileSvOYg0/thumbnails) because it does not exist Exiting due to channel error. Exiting due to channel error.

How can i fix it or any work out to use this tool on the phone browser not the vncviewer ?

dr1408 commented 8 months ago

Please help i fixes so many issues manually no one is responding

@melbadry9 @samm0uda @Lekssays @0xGuindi @Kiro24 @MohamedAbdultawab @mohmyo @OmarMerghany @TheRubick @mikeashi @mxfoxawy @LucaReggiannini

dr1408 commented 8 months ago

I turned off marionette because I thought it's the reason from browser.py but it still moderating in the firefox page please I need make it work

dr1408 commented 8 months ago

Is it a problem of that my phone is not rooted so firefox can't get the tmp folder that is in $PREFIX/tmp or because the conversations are in arabic maybe

dr1408 commented 8 months ago

Is it related to content security policy in firefox ? Pls someone answer should i disable this to get it work ?