search

Octoberfest7 / TeamsPhisher

Send phishing messages and attachments to Microsoft Teams users
1.03k stars 129 forks source link

Error uploading file: 401 #1

Closed DarknightCanada closed 1 year ago

DarknightCanada commented 1 year ago

First of all thank you for the tool!

I am testing your tool however it fails to upload file on SharePoint! I made sure my user has the full control rights to upload file on SharePoint however keeps failing! Any insight of how can I fix it?

`Operational mode: Sending phishing messages to targets!

Time left to abort: 00

Authenticating, verifying files, and uploading attachment

Reading target email list..................................................[+] SUCCESS! Fetching Bearer token for Teams............................................[+] SUCCESS! Fetching Skype token.......................................................[+] SUCCESS! Fetching sender info.......................................................[+] SUCCESS! Fetching Bearer token for SharePoint.......................................[+] SUCCESS! Uploading file: .\README.MD................................................[-] Error uploading file: 401`

Octoberfest7 commented 1 year ago

401 means "Unauthorized"... Which is strange given you successfully retrieved the SharePoint token.

at line 326 in the program there is this: 

    # Seem to have seen both of these codes for file uploads...
    if content.status_code != 201 and content.status_code != 200:
        p_err("Error uploading file: %d" % (content.status_code), True)

make it look like this and re-run it in order to see the headers and body of the error

    # Seem to have seen both of these codes for file uploads...
    if content.status_code != 201 and content.status_code != 200:
        p_err("Error uploading file: %d" % (content.status_code), True)
        print(content.headers)
        print(content.text)
DarknightCanada commented 1 year ago

Same! Do not want to take much of your time but plz if you think of any other way to troubleshoot it let me know please. FYI! I can manually upload files on sharepoint
`Authenticating, verifying files, and uploading attachment

Reading target email list..................................................[+] SUCCESS! Fetching Bearer token for Teams............................................[+] SUCCESS! Fetching Skype token.......................................................[+] SUCCESS! Fetching sender info.......................................................[+] SUCCESS! Fetching Bearer token for SharePoint.......................................[+] SUCCESS! Uploading file: .\README.MD................................................[-] Error uploading file: 401`

Octoberfest7 commented 1 year ago

My bad, make it look like this: 

    # Seem to have seen both of these codes for file uploads...
    if content.status_code != 201 and content.status_code != 200:
        print(content.headers)
        print(content.text)
        p_err("Error uploading file: %d" % (content.status_code), True)

The way I had you do it before made the program exit before it printed the headres and text

DarknightCanada commented 1 year ago

Same thing dude! I am going to play with the python script to see if I can get it to work! thanks for taking the time to respond

`Configuration:

[-] Sending file link that is accessible by anyone with the link [-] No delay between messages [+] Using greeting: Hi, --personalize greeting: Hi , [-] Not logging TeamsPhisher output

Operational mode: Sending phishing messages to targets!

Time left to abort: 00

Authenticating, verifying files, and uploading attachment

Reading target email list..................................................[+] SUCCESS! Fetching Bearer token for Teams............................................[+] SUCCESS! Fetching Skype token.......................................................[+] SUCCESS! Fetching sender info.......................................................[+] SUCCESS! Fetching Bearer token for SharePoint.......................................[+] SUCCESS! Uploading file: .\README.MD................................................[-] Error uploading file: 401`

Octoberfest7 commented 1 year ago

You still got no output? As a sanity check, add a prefix to the print statements so you can be sure they are actually executing

# Seem to have seen both of these codes for file uploads...
if content.status_code != 201 and content.status_code != 200:
    print("failed headers: " + str(content.headers))
    print("failed body: " + str(content.text))
    p_err("Error uploading file: %d" % (content.status_code), True)
Octoberfest7 commented 1 year ago

The issue in this case was that when the user created their AAD tenant they gave the tenant a different 'Organization Name' than their 'Initial Domain Name' like in the below screenshot:

image

I truthfully didn't know/remember that there were two separate fields there or that someone might make them different. TeamsPhisher uses the 'tenantName' property to resolve the Sharepoint address, so in this case it was looking for Sharepoint at 'myorgname-my.sharepoint.com...' when it really lives at 'myorgnameiscool-my.sharepoint.com'

This has been fixed by now resolving the 'tenantName' by splitting out the domain name from the UPN e.g. 'tomjones@mycoolorg.onmicrosoft.com' would return 'mycoolorg' as the 'tenantName' field for subsequent use.

User was able to resolve this by going to AAD -> Properties and renaming their tenant to match the domain name.