search

Raikia / FiercePhish

FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
https://github.com/Raikia/FiercePhish/wiki
GNU General Public License v3.0
1.29k stars 253 forks source link

Received TokenMismatchException in VerifyCsrfToken.php line 68 when executing new campaign #63

Open noroc89 opened 6 years ago

noroc89 commented 6 years ago

While suing newly created email template, the following appeared when kicking off campaign. Now I cannot get past error to enter application.

TokenMismatchException in VerifyCsrfToken.php line 68:

  1. in VerifyCsrfToken.php line 68
  2. at VerifyCsrfToken->handle(object(Request), object(Closure)) in Pipeline.php line 148
  3. at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in Pipeline.php line 53
  4. at Pipeline->Illuminate\Routing{closure}(object(Request)) in ShareErrorsFromSession.php line 49
  5. at ShareErrorsFromSession->handle(object(Request), object(Closure)) in Pipeline.php line 148
  6. at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in Pipeline.php line 53
  7. at Pipeline->Illuminate\Routing{closure}(object(Request)) in StartSession.php line 64
  8. at StartSession->handle(object(Request), object(Closure)) in Pipeline.php line 148
  9. at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in Pipeline.php line 53
  10. at Pipeline->Illuminate\Routing{closure}(object(Request)) in AddQueuedCookiesToResponse.php line 37
  11. at AddQueuedCookiesToResponse->handle(object(Request), object(Closure)) in Pipeline.php line 148
  12. at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in Pipeline.php line 53
  13. at Pipeline->Illuminate\Routing{closure}(object(Request)) in EncryptCookies.php line 59
  14. at EncryptCookies->handle(object(Request), object(Closure)) in Pipeline.php line 148
  15. at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in Pipeline.php line 53
  16. at Pipeline->Illuminate\Routing{closure}(object(Request)) in Pipeline.php line 102
  17. at Pipeline->then(object(Closure)) in Router.php line 561
  18. at Router->runRouteWithinStack(object(Route), object(Request)) in Router.php line 520
  19. at Router->dispatchToRoute(object(Request)) in Router.php line 498
  20. at Router->dispatch(object(Request)) in Kernel.php line 174
  21. at Kernel->Illuminate\Foundation\Http{closure}(object(Request)) in Pipeline.php line 30
  22. at Pipeline->Illuminate\Routing{closure}(object(Request)) in TransformsRequest.php line 30
  23. at TransformsRequest->handle(object(Request), object(Closure)) in Pipeline.php line 148
  24. at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in Pipeline.php line 53
  25. at Pipeline->Illuminate\Routing{closure}(object(Request)) in TransformsRequest.php line 30
  26. at TransformsRequest->handle(object(Request), object(Closure)) in Pipeline.php line 148
  27. at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in Pipeline.php line 53
  28. at Pipeline->Illuminate\Routing{closure}(object(Request)) in ValidatePostSize.php line 25
  29. at ValidatePostSize->handle(object(Request), object(Closure)) in Pipeline.php line 148
  30. at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in Pipeline.php line 53
  31. at Pipeline->Illuminate\Routing{closure}(object(Request)) in CheckForMaintenanceMode.php line 46
  32. at CheckForMaintenanceMode->handle(object(Request), object(Closure)) in Pipeline.php line 148
  33. at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in Pipeline.php line 53
  34. at Pipeline->Illuminate\Routing{closure}(object(Request)) in Pipeline.php line 102
  35. at Pipeline->then(object(Closure)) in Kernel.php line 149
  36. at Kernel->sendRequestThroughRouter(object(Request)) in Kernel.php line 116
  37. at Kernel->handle(object(Request)) in index.php line 53
Raikia commented 6 years ago

This is the CSRF protection and happens if your session expires while you are waiting on a page. I suspect you sat on the "Create Campaign" page for a long time and it invalidated your session (30+ minutes). While its not unintended, I can see this being an issue occasionally so I will investigate in increasing session limits for CSRF tokens.

noroc89 commented 6 years ago

Thanks for the response. I tried restarting the service but I can't get past it. Any ideas?

Sent from Yahoo Mail on Android

On Thu, May 24, 2018 at 7:20 PM, Chris Kingnotifications@github.com wrote:
This is the CSRF protection and happens if your session expires while you are waiting on a page. I suspect you sat on the "Create Campaign" page for a long time and it invalidated your session. While its not unintended, I can see this being an issue occasionally so I will investigate in increasing session limits for CSRF tokens.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or mute the thread.