search

leebaird / discover

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
MIT License
3.39k stars 820 forks source link

Running Firefox as root in a regular user's session is not supported. #158

Closed Jejepixel closed 4 years ago

Jejepixel commented 4 years ago

Hi everyone,

I need help to make firefox run and open the tabs with information gathering. The problem is that when I run discover as normal user whitout sudo ./discover but just ./discover, it makes some errors before the first choosing panel, and they dissapear after. After it continues as normal, but still in a normal mode im stuck because of the harvester scanning, its stuck at after Yahoo with All, and after i want to exit and doCTRL + C and it shows me some errors

line 11 with sqli

and return me back to my prompt

BUT when I run with sudo it goes very fine whitout errors untill at the scanning moment and says

**Scan complete.**

The supporting data folder is located at /root/data/sortirensemble.com/

Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)

kali@kali:/opt/discover$ Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
^C
kali@kali:/opt/discover$ ^C

What can I do? Ive tried exactly the same maneer with blackarch repo which is pretty cool, and there I followed all the courses that I ve bought on udemy with the discover installation from this, all seemed nice, excepted when the scanning stared with the errors as a nornal user(stuck at All in theharvester) and errors in sudo mode, about mozilla runing root. I felt pwned

leebaird commented 4 years ago

I fixed theHarvester bug on Friday. Do a git pull to resolve that. Discover was meant to be ran as root. Please join the Slack channel to discuss more.

discover-pentest.slack.com

jthart commented 4 years ago

I know this is closed, but I'm still encountering this issue with everything up to date (firefox as root message specifically, everything else is fine) and I haven't seen a specific reference on how to correct/change that behavior. Some insight would be appreciated.

L1ghtn1ng commented 4 years ago

Will have a look as I have a feeling I know what needs to be done

leebaird commented 4 years ago

I seemed to recall having an issues with Firefox about a month ago. But the problem went away after a couple of days with a new version. I'm not seeing anything like you are talking about. Have your ran /discover/update.sh until there are no more updates?

jthart commented 4 years ago

Just confirmed I still get the Firefox error message. Output from update.sh:


> `Updating Kali.
> Hit:1 http://ppa.launchpad.net/linuxuprising/java/ubuntu bionic InRelease
> Hit:2 http://kali.download/kali kali-rolling InRelease
> Reading package lists... Done
> Building dependency tree       
> Reading state information... Done
> All packages are up to date.
> Reading package lists... Done
> Building dependency tree       
> Reading state information... Done
> Calculating upgrade... Done
> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
> Reading package lists... Done
> Building dependency tree       
> Reading state information... Done
> Calculating upgrade... Done
> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
> Reading package lists... Done
> Building dependency tree       
> Reading state information... Done
> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
> Reading package lists... Done
> Building dependency tree       
> Reading state information... Done
> 
> Updating BloodHound.
> Already up to date.
> 
> Updating Cobalt Strike profiles.
> Already up to date.
> 
> Updating CrackMapExec.
> Already up to date.
> 
> Updating Discover.
> Already up to date.
> 
> Updating DNSRecon.
> Already up to date.
> 
> Updating dnstwist.
> Already up to date.
> 
> Updating Domain Hunter.
> Already up to date.
> 
> Updating DomainPasswordSpray.
> Already up to date.
> 
> Updating Donut.
> Already up to date.
> 
> Updating droopescan.
> Already up to date.
> 
> Updating Egress-Assess.
> Already up to date.
> 
> Updating Empire.
> Already up to date.
> 
> Updating EyeWitness.
> Already up to date.
> 
> Updating Nmap scripts.
> Updating rule database.
> Script Database updated successfully.
> 
> Updating PowerSploit.
> Already up to date.
> 
> Updating PowerUpSQL.
> Already up to date.
> 
> Updating Prowl.
> Already up to date.
> 
> Updating PS>Attack.
> Already up to date.
> 
> Updating RAWR.
> Already up to date.
> 
> Updating SecLists.
> Already up to date.
> 
> Updating SharpShooter.
> Already up to date.
> 
> Updating theHarvester.
> Already up to date.
> 
> Updating unicorn.
> Already up to date.
> 
> Updating URLCrazy.
> Already up to date.
> 
> Updating Veil.
> Already up to date.
> 
> Updating Windows-Exploit-Suggester.
> Already up to date.
> [*] initiating winsploit version 3.3...
> [+] writing to file 2020-05-08-mssb.xls
> [*] done
> 
> Updating locate database.
> 
> 
> jthart@kl-jth-q:/opt/discover$ 
> jthart@kl-jth-q:/opt/discover$ sudo git pull
> Already up to date.
> jthart@kl-jth-q:/opt/discover$ `

And the error when passive discovery finishes:


> ***Scan complete.***
> 
> 
> The supporting data folder is located at /root/data/jthart.com/
> 
> Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.)
> Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.)
> Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.)
> Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.)
> Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.)
> Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.)
> Running Firefox as root in a regular user's session is not supported.  ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.)
leebaird commented 4 years ago

You are not running as root. That’s the issue. Don’t use sudo, login as root then run the script.

Lee

On Fri, May 8, 2020 at 6:38 PM Jesse Hart notifications@github.com wrote:

Just confirmed I still get the Firefox error message. Output from update.sh:

`Updating Kali. Hit:1 http://ppa.launchpad.net/linuxuprising/java/ubuntu bionic InRelease Hit:2 http://kali.download/kali kali-rolling InRelease Reading package lists... Done Building dependency tree Reading state information... Done All packages are up to date. Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Reading package lists... Done Building dependency tree Reading state information... Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Reading package lists... Done Building dependency tree Reading state information... Done

Updating BloodHound. Already up to date.

Updating Cobalt Strike profiles. Already up to date.

Updating CrackMapExec. Already up to date.

Updating Discover. Already up to date.

Updating DNSRecon. Already up to date.

Updating dnstwist. Already up to date.

Updating Domain Hunter. Already up to date.

Updating DomainPasswordSpray. Already up to date.

Updating Donut. Already up to date.

Updating droopescan. Already up to date.

Updating Egress-Assess. Already up to date.

Updating Empire. Already up to date.

Updating EyeWitness. Already up to date.

Updating Nmap scripts. Updating rule database. Script Database updated successfully.

Updating PowerSploit. Already up to date.

Updating PowerUpSQL. Already up to date.

Updating Prowl. Already up to date.

Updating PS>Attack. Already up to date.

Updating RAWR. Already up to date.

Updating SecLists. Already up to date.

Updating SharpShooter. Already up to date.

Updating theHarvester. Already up to date.

Updating unicorn. Already up to date.

Updating URLCrazy. Already up to date.

Updating Veil. Already up to date.

Updating Windows-Exploit-Suggester. Already up to date. [] initiating winsploit version 3.3... [+] writing to file 2020-05-08-mssb.xls [] done

Updating locate database.

jthart@kl-jth-q:/opt/discover$ jthart@kl-jth-q:/opt/discover$ sudo git pull Already up to date. jthart@kl-jth-q:/opt/discover$ `

And the error when passive discovery finishes:

Scan complete.

The supporting data folder is located at /root/data/jthart.com/

Running Firefox as root in a regular user's session is not supported. ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.) Running Firefox as root in a regular user's session is not supported. ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.) Running Firefox as root in a regular user's session is not supported. ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.) Running Firefox as root in a regular user's session is not supported. ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.) Running Firefox as root in a regular user's session is not supported. ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.) Running Firefox as root in a regular user's session is not supported. ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.) Running Firefox as root in a regular user's session is not supported. ($XAUTHORITY is /home/jthart/.Xauthority which is owned by jthart.)

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/leebaird/discover/issues/158#issuecomment-626064394, or unsubscribe https://github.com/notifications/unsubscribe-auth/AA6TX3Y3W4UKKSIBVA4XR2TRQSJYBANCNFSM4ML7QX2Q .

--

Lee Baird

SchellerCyberSecurity commented 4 years ago

Lee I can't seem to gain access to the slack space, can you send an invite to derek.scheller@schellercybersecurity.com?