search

jofpin / trape

People tracker on the Internet: OSINT analysis and research tool by Jose Pino
https://x.com/jofpin
8.06k stars 1.29k forks source link

Looking for the session #119

Open Sara123984 opened 5 years ago

Sara123984 commented 5 years ago

Hi guys, good work both jofpin & DJCHICKEN4.

I want to say that now after updating to the last version and session recognition works. When I try to capture the credentials of a target sessions, it makes a phishing page but the connection is lost at that point, this is the log from the ssh

[] A user has been connected from xx.203.46.xx with the following identifier: 0b814 [] It's the 7 time for 0b814@xx.203.46.xx [+] Gmail session detected from xx.203.46.xx with ID: 0b814 [+] Youtube session detected from xx.203.46.xx with ID: 0b814 [+] Amazon session detected from xx.203.46.xx with ID: 0b814 [2018-12-07 06:19:57,523] ERROR in app: Exception on /get_title [POST] Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/flask/app.py", line 2292, in wsgi_app response = self.full_dispatch_request() File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1815, in full_dispatch_request rv = self.handle_user_exception(e) File "/usr/local/lib/python2.7/dist-packages/flask_cors/extension.py", line 161, in wrapped_function return cors_after_request(app.make_response(f(args, kwargs))) File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1718, in handle_user_exception reraise(exc_type, exc_value, tb) File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1813, in full_dispatch_request rv = self.dispatch_request() File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1799, in dispatch_request return self.view_functions[rule.endpoint](req.view_args) File "/root/trape/core/stats.py", line 94, in home_get_title html = opener.open(trape.url_to_clone).read() File "/root/trape/core/dependence/urllib2.py", line 406, in open response = meth(req, response) File "/root/trape/core/dependence/urllib2.py", line 519, in http_response 'http', request, response, code, msg, hdrs) File "/root/trape/core/dependence/urllib2.py", line 438, in error result = self._call_chain(args) File "/root/trape/core/dependence/urllib2.py", line 378, in _call_chain result = func(args) File "/root/trape/core/dependence/urllib2.py", line 625, in http_error_302 return self.parent.open(new, timeout=req.timeout) File "/root/trape/core/dependence/urllib2.py", line 406, in open response = meth(req, response) File "/root/trape/core/dependence/urllib2.py", line 519, in http_response 'http', request, response, code, msg, hdrs) File "/root/trape/core/dependence/urllib2.py", line 438, in error result = self._call_chain(args) File "/root/trape/core/dependence/urllib2.py", line 378, in _call_chain result = func(args) File "/root/trape/core/dependence/urllib2.py", line 625, in http_error_302 return self.parent.open(new, timeout=req.timeout) File "/root/trape/core/dependence/urllib2.py", line 406, in open response = meth(req, response) File "/root/trape/core/dependence/urllib2.py", line 519, in http_response 'http', request, response, code, msg, hdrs) File "/root/trape/core/dependence/urllib2.py", line 444, in error return self._call_chain(args) File "/root/trape/core/dependence/urllib2.py", line 378, in _call_chain result = func(*args) File "/root/trape/core/dependence/urllib2.py", line 527, in http_error_default raise HTTPError(req.get_full_url(), code, msg, hdrs, fp) HTTPError: HTTP Error 503: Service Unavailable

black8x commented 5 years ago

Got also this error

ghost commented 5 years ago

@Sara123984 How are you executing the credential capture command are you using the web UI? Also is the issue just the credential capturing or session recognition also? And where did you find this log file?

black8x commented 5 years ago

@DJCHICKEN4 This log file is comping up in the terminal window where running the software, this issue is coming up with credential capturing, also the clients disconnects after this error.

ghost commented 5 years ago

@DJCHICKEN4 This log file is comping up in the terminal window where running the software, this issue is coming up with credential capturing, also the clients disconnects after this error.

@black8x What command are you running to run trape and also what service are you trying to phish? I would like to try and recreate this error.

black8x commented 5 years ago

./trape.py and just following the menu, and gmail.

ghost commented 5 years ago

@jofpin I have figured out the problem but not a solution to this issue. The problem is that google no longer allows the google maps api to be run over https this wouldn't be such an issue and we could just change the links to https but the exploits used in this project depend on the website being http a possible solution would be to use a different api such as leaflet however I am unaware how I would replace all the google maps references to leaflet.