search

mxrch / GHunt

🕵️‍♂️ Offensive Google framework.
Other
15.85k stars 1.32k forks source link

[fix for Invalid Cookies] Make GHunt accept all cookies #480

Closed Shion1305 closed 10 months ago

Shion1305 commented 10 months ago

This is a solution for these issues.

Due to changes in Google Authentication, GHunt does not work as for 2024/01/11. I've figured out that including all cookies will work.

I submitted a PR in mxrch/ghunt_companion, which will pass all cookies to GHunt on authentication. There was some codes that prevents doing so in GHunt, so I removed that. https://github.com/mxrch/GHunt/blob/e87346963658dd8d80cef49dbf1bd263e96d352e/ghunt/helpers/auth.py#L99C1-L101C21

Required cookies are remained unidentified, so I marked Enter manually all cookies as currently not supported.

Bang1338 commented 10 months ago

i tested it and still not fixed.

image

i'm using ungoogled chromium for this.

image

Shion1305 commented 10 months ago

@Bang1338 Looks like encoded cookies are short, which I think you haven't updated the Chrome extension(ghunt_companion). Try followings. Let me know the results.

Bang1338 commented 10 months ago

@Bang1338 Looks like encoded cookies are short, which I think you haven't updated the Chrome extension(ghunt_companion). Try followings. Let me know the results.

  • If you have already installed ghunt_companion, disable it on your browser
  • Clone shion1305/ghunt_companion
  • Load the cloned files in your browser with Developer mode reference

Thank, the cookie is longer, but sadly it doesn't work

image

Note: I've performed "robots.txt" and cleared all cookies, before getting cookies.

Shion1305 commented 10 months ago

I found that you have to access http://docs.google.com before you run ghunt_companion. I created a screen capture of how to run login procedure, hope this helps.

https://github.com/mxrch/GHunt/assets/20254962/023aac4f-df18-4642-b60e-861cb894421a

hversu commented 10 months ago

I have tried this branch in various ways in chrome and firefox using choice 1: listener -developer mode on (chrome) -go to docs.google.com first

I still get invalid cookies

Bang1338 commented 10 months ago

I found that you have to access http://docs.google.com before you run ghunt_companion. I created a screen capture of how to run login procedure, hope this helps.

bandicam.2024-01-13.08-56-16-682.mp4

image

It work, thank!

Shion1305 commented 10 months ago

I'm closing this PR as the issue has been resolved.