search

trustedsec / social-engineer-toolkit

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
10.88k stars 2.76k forks source link

Site Cloner not working properly #790

Open KrisCoder1 opened 4 years ago

KrisCoder1 commented 4 years ago

Hello everyone,

When i type 'sudo setoolkit' and navigate to the site cloner, type in my ip and the website, the website runs correctly, but the output is a bit broken i think. Nothing happens when nobody has connected to the ip, but when they start typing credentials, i get this. I don't know what i'm doing wrong here, can anyone please help me?

And btw, is it possible to assign a domain name to a local ip? So it shows 'https://www.test.com' for example, instead of the ip address

Here is the output:

[] Cloning the website: https://login.facebook.com/login.php
[] This could take a little bit...

The best way to use this attack is if username and password form fields are available. Regardless, this captures all POSTs on a website.
[] The Social-Engineer Toolkit Credential Harvester Attack [] Credential Harvester is running on port 80
[] Information will be displayed to you as it arrives below:
192.168.178.144 - - [04/Aug/2020 21:33:10] "GET / HTTP/1.1" 200 - [] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundaryJI4gNS1HlotCRSdg
Content-Disposition: form-data; name="ts"

1596569603029
------WebKitFormBoundaryJI4gNS1HlotCRSdg
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":"ox/waVtbImdrMl9leHBvc3VyZSIseyJpZGVudGlmaWVyIjoiMTA3MzUwMCIsImhhc2giOiJBVDY2V29za1VTRnE1VEpoIn0sMTU5NjU2OTU5NDkxNC4zNiwwLDUwXSxbInJlcXVpcmVfY29uZF8RYxxfbG9nZ2luZ0JrAPBWQWEzc3ktWko5SWJZZjd6RmVZUFB0aGhaVVAwU0JlNXhoV2dhdFVNcUlJNEQxOHVMQVZON0pBN1RyLWNHTmJQU1lhOWYxRnpwdTFOZFd6enRJSWJkN2pRQqEAIDkxNSwwLDEwNM6jAPBjMVItcXk4dEUwU2ZFeXkyWTNZcHY1UkVPSHctal9kWjNuVWlNdWlqTWl4YnEzOTRvLVVZZDFydE5vRGwtTDM1T0gtUHZoQzBQLXFHNUdhX0Zkb3FRWUpSM2ZLNjhlViJ9LDE1OT1NBDkzBawEMTMBrHKpARQ2NzY5MjAuqAE0NG1ucGhITjVTQkRwVFk6BwEMNS41NQFbBDQ5lloAADEuWgA0Nm5JaHRKNVNTWWM1VWc6WgAMOC42OKZaAAg4MzcuWgA0NE1vTVhhaEQybzlDRUkuWgAgNTAwOC45NCwwDbPCXALwUGhCYTktajNnZlpoNXo0UjJReTM3Rm5hMV9zSWZ3S2NBeWFVbmhUWVNlaGlOUGJiY1RHaU9qNGV2WE5waEZqQW8zaXBtQURkN1M4M2VPNFRNIj2sCZ1B+QgxMDCCUQEYMTA5OTg5MzL4ADA2akZfSHhLN1Nna2tVNvgAYVQMOSwwLNZUA/BUMTB1bjVIUUJ6UHBjV3hjNll4dENCZUNmdW1KLVYtTEZHZDM3czF6RGdTY2hhdVgxYmg4MHVWU1k2M3A2dWJkazF5T3NnTGdlNkFmNlVRVXlMd2tLc0KhAAA0LlQDRHNjcmlwdF9wYXRoX2NoYW5nZWHsFHNvdXJjZQUWGCI6bnVsbCwRExB0b2tlbhEUCGRlcwk7OCI6Ii9sb2dpbi5waHAiLAkZDSscImFkOTc2NDJB8PBSaW1wcmVzc2lvbl9pZCI6IjBLVW5CVnhJMmhkMVkyNldJIiwiY2F1c2UiOiJsb2FkIiwic2lkX3JhdyI6Ijo6bnVweDNiIiwicmVmZXJyZXIiOiIRbhhlZl9wYWdlMpsAdHVyaSI6Imh0dHBzOi8vd3d3LmZhY2Vib29rLmNvbR2yMh8CJDE1Ljc3LDAsMjRlykx3ZWJfZGV2aWNlX3BlcmZfaW5mb6EYIShYY3B1X2NvcmVzIjo4LCJncHVfdmVuZG8BmCxHb29nbGUgSW5jLiIJGxByZW5kZQm16EFOR0xFIChJbnRlbChSKSBVSEQgR3JhcGhpY3MgNjIwIERpcmVjdDNEMTEgdnNfNV8wIHBzXzVfMCkiMqsAFDMzLjkyNaEiBDE4hssCHDYxMzk5OCIs3R8wd1c2TlJmOFVvS2JpVDYHAQA0AVjWyALwUjBzakNkM1FrZDRYSnlqc1l4b3ZXeEUxSVBGWGhTbUxQYm1tc01NYnl1YUNrbUZrRDg3WF9IcnJNUGZCaXVFM1JxbnFlbGdvamNKZ09ucEluRkoiMvcAEDQ1LjAxAfYEMDGG9gAQMzk5MjEy9gA0NUowcTFndTVjdUYxSF8+9gAALgFaCfhyxQUQNzI5NjNB1QhoYXNhATxBVDRSTmwzb0xJcERUOVJYRlgAZXgENDmKswAMODE3NjKzADQ0cl9hbTh0VWpvUWduTEZbAEUFnrUAOiAGLEtYZ3l5MEVHcDNxc0ZaAAQzLLHGcg4BFDE2MjA4MDYoBTBnYUlLVXRqNEFrV0dwRloAADS1KHZaABQyODE1MDUutwI0NHVnWE9md2E5Y25WUzlGWgDlLooOARQxMjkxMDIytQA0N0YwVktnNW5uQ1ZSQ0ZGWwAENjWetgAQOTQxODIutgA0N2lDcTBJTDNCU0VjNXJGWwAAN55bABA0MDEwNjJ6AjA1eFpDWTBnX25hMTNhQsgDBC4x5eWOEQEUNDg1MDU1LrYANDRYc3BXRWNpeENXN1dRRrYAolsAEDU4NDc5MkEINDZtTFpuR2U1OGJjaTk4RlsABDk1mmwBEDU5NjA2NscBME1CckRvMmtKd0dmUmpCWwAAMqJZAAg3NjQyxQE0NFFHc2FSNWh4c1dBY0VGWQCaPQQQNjc3NzYyWQA0Nmd6MzF3WmZnUENoNnQ2WQAMNTguOEV5iT3CTwnwSnktaGU1S3dRSDhHSWFUZXJ4WUVOWElrSVRZem9lLVI3a1RNLVI5MGhKUFZXN3o0QUt6blc5cVdsdm82Smx1bnVMTk0zRGdvS3prQUaZABQ4LDAsOTWB1QRyZbZDDPBUMm1uOFJrUEVGNWJORFF0ajVma0dBTUVIcjRwX3BpOFlBVlh5TkY5SExNV0RId3dDSFp3a3hLZDdla2MzZjR6WWk2WFRXVXZ5MFEzdXlqVjE0RUZyNjrDBCE7RaMEMTAFpHJrBBA3MDgyNTZIAjA2YWNQYVRzaURydFV6Nv0ADDgzLjMB/daVAfBEMTZ5WjZaVEFlRU45NWNrRktkdFFUWm81dC1kUThaXzJSNGFwdFVCUVAzckNwc0IzRnVMOE0tMDJZUTVSRFlyd2NMenRJQpEAADRBgAA4igwIEDQyNzMwNmMGMEdEcnQyTU1MOTdCVHYuWgAUNjE1NS44DhMJiUNodGltZV9zcGVudF9iaXRfYXJyYXkiLHsidG9zFtcJBG51GqgJFHN0YXJ0XwEwBCI6YaYYNTY5NTk1LAUqCTccOlsyMDMsMF0JFABsDlwKADkJDBRzZXEiOjAJDBRjdW0iOjVSDQoiGQgINjAzDrsJADMBqAQxMhLaCzhjYXRlZ29yaXplZF9vZHMBpCgyOTY2Ijp7Im1zLgGXCccYLnFhLnd3dwEYHRU4Yml0cy5qc19pbml0aWFsAUYYIjpbMV19fTJ0ADAyNC45MTUsMCw3Ml1d","user":"0","webSessionId":"::nupx3b","trigger":"categorized_ods","send_method":"ajax","compression":"snappy_base64","snappy_ms":2},{"webSessionId":"::nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_received":[36]}}},1596569603026.285,0,51]],"user":"0","app_id":"256281040558","compression":""},{"webSessionId":"::nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_sent":[36]}}},1596569603026.425,0,47]],"user":"0","app_id":"256281040558","compression":""}]
------WebKitFormBoundaryJI4gNS1HlotCRSdg--
POSSIBLE PASSWORD FIELD FOUND: ------WebKitFormBoundaryJI4gNS1HlotCRSdg
Content-Disposition: form-data; name="ts"

1596569603029
------WebKitFormBoundaryJI4gNS1HlotCRSdg
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":"ox/waVtbImdrMl9leHBvc3VyZSIseyJpZGVudGlmaWVyIjoiMTA3MzUwMCIsImhhc2giOiJBVDY2V29za1VTRnE1VEpoIn0sMTU5NjU2OTU5NDkxNC4zNiwwLDUwXSxbInJlcXVpcmVfY29uZF8RYxxfbG9nZ2luZ0JrAPBWQWEzc3ktWko5SWJZZjd6RmVZUFB0aGhaVVAwU0JlNXhoV2dhdFVNcUlJNEQxOHVMQVZON0pBN1RyLWNHTmJQU1lhOWYxRnpwdTFOZFd6enRJSWJkN2pRQqEAIDkxNSwwLDEwNM6jAPBjMVItcXk4dEUwU2ZFeXkyWTNZcHY1UkVPSHctal9kWjNuVWlNdWlqTWl4YnEzOTRvLVVZZDFydE5vRGwtTDM1T0gtUHZoQzBQLXFHNUdhX0Zkb3FRWUpSM2ZLNjhlViJ9LDE1OT1NBDkzBawEMTMBrHKpARQ2NzY5MjAuqAE0NG1ucGhITjVTQkRwVFk6BwEMNS41NQFbBDQ5lloAADEuWgA0Nm5JaHRKNVNTWWM1VWc6WgAMOC42OKZaAAg4MzcuWgA0NE1vTVhhaEQybzlDRUkuWgAgNTAwOC45NCwwDbPCXALwUGhCYTktajNnZlpoNXo0UjJReTM3Rm5hMV9zSWZ3S2NBeWFVbmhUWVNlaGlOUGJiY1RHaU9qNGV2WE5waEZqQW8zaXBtQURkN1M4M2VPNFRNIj2sCZ1B+QgxMDCCUQEYMTA5OTg5MzL4ADA2akZfSHhLN1Nna2tVNvgAYVQMOSwwLNZUA/BUMTB1bjVIUUJ6UHBjV3hjNll4dENCZUNmdW1KLVYtTEZHZDM3czF6RGdTY2hhdVgxYmg4MHVWU1k2M3A2dWJkazF5T3NnTGdlNkFmNlVRVXlMd2tLc0KhAAA0LlQDRHNjcmlwdF9wYXRoX2NoYW5nZWHsFHNvdXJjZQUWGCI6bnVsbCwRExB0b2tlbhEUCGRlcwk7OCI6Ii9sb2dpbi5waHAiLAkZDSscImFkOTc2NDJB8PBSaW1wcmVzc2lvbl9pZCI6IjBLVW5CVnhJMmhkMVkyNldJIiwiY2F1c2UiOiJsb2FkIiwic2lkX3JhdyI6Ijo6bnVweDNiIiwicmVmZXJyZXIiOiIRbhhlZl9wYWdlMpsAdHVyaSI6Imh0dHBzOi8vd3d3LmZhY2Vib29rLmNvbR2yMh8CJDE1Ljc3LDAsMjRlykx3ZWJfZGV2aWNlX3BlcmZfaW5mb6EYIShYY3B1X2NvcmVzIjo4LCJncHVfdmVuZG8BmCxHb29nbGUgSW5jLiIJGxByZW5kZQm16EFOR0xFIChJbnRlbChSKSBVSEQgR3JhcGhpY3MgNjIwIERpcmVjdDNEMTEgdnNfNV8wIHBzXzVfMCkiMqsAFDMzLjkyNaEiBDE4hssCHDYxMzk5OCIs3R8wd1c2TlJmOFVvS2JpVDYHAQA0AVjWyALwUjBzakNkM1FrZDRYSnlqc1l4b3ZXeEUxSVBGWGhTbUxQYm1tc01NYnl1YUNrbUZrRDg3WF9IcnJNUGZCaXVFM1JxbnFlbGdvamNKZ09ucEluRkoiMvcAEDQ1LjAxAfYEMDGG9gAQMzk5MjEy9gA0NUowcTFndTVjdUYxSF8+9gAALgFaCfhyxQUQNzI5NjNB1QhoYXNhATxBVDRSTmwzb0xJcERUOVJYRlgAZXgENDmKswAMODE3NjKzADQ0cl9hbTh0VWpvUWduTEZbAEUFnrUAOiAGLEtYZ3l5MEVHcDNxc0ZaAAQzLLHGcg4BFDE2MjA4MDYoBTBnYUlLVXRqNEFrV0dwRloAADS1KHZaABQyODE1MDUutwI0NHVnWE9md2E5Y25WUzlGWgDlLooOARQxMjkxMDIytQA0N0YwVktnNW5uQ1ZSQ0ZGWwAENjWetgAQOTQxODIutgA0N2lDcTBJTDNCU0VjNXJGWwAAN55bABA0MDEwNjJ6AjA1eFpDWTBnX25hMTNhQsgDBC4x5eWOEQEUNDg1MDU1LrYANDRYc3BXRWNpeENXN1dRRrYAolsAEDU4NDc5MkEINDZtTFpuR2U1OGJjaTk4RlsABDk1mmwBEDU5NjA2NscBME1CckRvMmtKd0dmUmpCWwAAMqJZAAg3NjQyxQE0NFFHc2FSNWh4c1dBY0VGWQCaPQQQNjc3NzYyWQA0Nmd6MzF3WmZnUENoNnQ2WQAMNTguOEV5iT3CTwnwSnktaGU1S3dRSDhHSWFUZXJ4WUVOWElrSVRZem9lLVI3a1RNLVI5MGhKUFZXN3o0QUt6blc5cVdsdm82Smx1bnVMTk0zRGdvS3prQUaZABQ4LDAsOTWB1QRyZbZDDPBUMm1uOFJrUEVGNWJORFF0ajVma0dBTUVIcjRwX3BpOFlBVlh5TkY5SExNV0RId3dDSFp3a3hLZDdla2MzZjR6WWk2WFRXVXZ5MFEzdXlqVjE0RUZyNjrDBCE7RaMEMTAFpHJrBBA3MDgyNTZIAjA2YWNQYVRzaURydFV6Nv0ADDgzLjMB/daVAfBEMTZ5WjZaVEFlRU45NWNrRktkdFFUWm81dC1kUThaXzJSNGFwdFVCUVAzckNwc0IzRnVMOE0tMDJZUTVSRFlyd2NMenRJQpEAADRBgAA4igwIEDQyNzMwNmMGMEdEcnQyTU1MOTdCVHYuWgAUNjE1NS44DhMJiUNodGltZV9zcGVudF9iaXRfYXJyYXkiLHsidG9zFtcJBG51GqgJFHN0YXJ0XwEwBCI6YaYYNTY5NTk1LAUqCTccOlsyMDMsMF0JFABsDlwKADkJDBRzZXEiOjAJDBRjdW0iOjVSDQoiGQgINjAzDrsJADMBqAQxMhLaCzhjYXRlZ29yaXplZF9vZHMBpCgyOTY2Ijp7Im1zLgGXCccYLnFhLnd3dwEYHRU4Yml0cy5qc19pbml0aWFsAUYYIjpbMV19fTJ0ADAyNC45MTUsMCw3Ml1d","user":"0","webSessionId":"::nupx3b","trigger":"categorized_ods","send_method":"ajax","compression":"snappy_base64","snappy_ms":2},{"webSessionId":"::nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_received":[36]}}},1596569603026.285,0,51]],"user":"0","app_id":"256281040558","compression":""},{"webSessionId":"::nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_sent":[36]}}},1596569603026.425,0,47]],"user":"0","app_id":"256281040558","compression":""}]
------WebKitFormBoundaryJI4gNS1HlotCRSdg--
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

192.168.178.144 - - [04/Aug/2020 21:33:20] "POST /ajax/bz?a=1&beoa=0&ccg=EXCELLENT&comet_req=0&csr=&dyn=7xe6Fo4OQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXx60kO4o3Bw5VCwjE3awbG783pwlU7i0n2US1kyE1oU884y0Mo28xe0SU2swdq0Ho2ew&hsi=6857214166781162791-0&pc=PHASED%3ADEFAULT&req=1&rev=1002462360&s=%3A%3Anupx3b&spin_b=trunk&spin_r=1002462360&__spin_t=1596569588&user=0&bz_orig=blue&dpr=1&jazoest=2625&lsd=AVos7GD6 HTTP/1.1" 302 - [] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: dyn=7xe6Fo4OQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXx60kO4o3Bw5VCwjE3awbG783pwlU7i0n2US1kyE1oU884y0Mo28xe0SU2swdq0Ho2ew
PARAM: csr=
PARAM: req=2
PARAM: beoa=0
PARAM: pc=PHASED:DEFAULT
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1002462360
PARAM: s=:j1n7qi:nupx3b
PARAM: hsi=6857214166781162791-0
PARAM: comet_req=0
PARAM: lsd=AVos7GD6
PARAM: jazoest=2625
POSSIBLE PASSWORD FIELD FOUND: spin_r=1002462360
POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: spin_t=1596569588
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

192.168.178.144 - - [04/Aug/2020 21:33:20] "POST /cookie/consent/ HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundaryQ3b2AfMprHSv8fE1
Content-Disposition: form-data; name="ts"

1596569603329
------WebKitFormBoundaryQ3b2AfMprHSv8fE1
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":[["time_spent_bit_array",{"tos_id":"nupx3b","start_time":1596569595,"tos_array":[203,0],"tos_len":9,"tos_seq":0,"tos_cum":5,"sid_raw":"::nupx3b"},1596569603015.37,1,120]],"user":"0","webSessionId":"::nupx3b","trigger":"categorized_ods","send_method":"ajax","compression":""},{"app_id":"256281040558","posts":[["gk2_exposure",{"identifier":"946894","hash":"AT48J-w4PubzyeLF"},1596569603313.04,0,49],["click_ref_logger",["2av5",1596569603319,"act",1596569603317,0,"pass","click","click","-","r","/",{"ft":{"click_type":"left"},"gt":{}},769,349,0,0,"nupx3b","/login.php"],1596569603319.35,0,150],["categorized_ods",{"2966":{"defer_cookies":{"set._js_fr":[1],"set._js_sb":[1]}}},1596569603328.06,0,62]],"user":"0","webSessionId":":j1n7qi:nupx3b","compression":""},{"webSessionId":":j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_received":[5]}}},1596569603328.24,0,50]],"user":"0","app_id":"256281040558","compression":""},{"webSessionId":":j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_sent":[6]}}},1596569603328.28,0,46]],"user":"0","app_id":"256281040558","compression":""}]
------WebKitFormBoundaryQ3b2AfMprHSv8fE1--
POSSIBLE PASSWORD FIELD FOUND: ------WebKitFormBoundaryQ3b2AfMprHSv8fE1
Content-Disposition: form-data; name="ts"

1596569603329
------WebKitFormBoundaryQ3b2AfMprHSv8fE1
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":[["time_spent_bit_array",{"tos_id":"nupx3b","start_time":1596569595,"tos_array":[203,0],"tos_len":9,"tos_seq":0,"tos_cum":5,"sid_raw":"::nupx3b"},1596569603015.37,1,120]],"user":"0","webSessionId":"::nupx3b","trigger":"categorized_ods","send_method":"ajax","compression":""},{"app_id":"256281040558","posts":[["gk2_exposure",{"identifier":"946894","hash":"AT48J-w4PubzyeLF"},1596569603313.04,0,49],["click_ref_logger",["2av5",1596569603319,"act",1596569603317,0,"pass","click","click","-","r","/",{"ft":{"click_type":"left"},"gt":{}},769,349,0,0,"nupx3b","/login.php"],1596569603319.35,0,150],["categorized_ods",{"2966":{"defer_cookies":{"set._js_fr":[1],"set._js_sb":[1]}}},1596569603328.06,0,62]],"user":"0","webSessionId":":j1n7qi:nupx3b","compression":""},{"webSessionId":":j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_received":[5]}}},1596569603328.24,0,50]],"user":"0","app_id":"256281040558","compression":""},{"webSessionId":":j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_sent":[6]}}},1596569603328.28,0,46]],"user":"0","app_id":"256281040558","compression":""}]
------WebKitFormBoundaryQ3b2AfMprHSv8fE1--
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

192.168.178.144 - - [04/Aug/2020 21:33:20] "POST /ajax/bz?a=1&beoa=0&ccg=EXCELLENT&comet_req=0&csr=&dyn=7xe6Fo4OQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXx60kO4o3Bw5VCwjE3awbG783pwlU7i0n2US1kyE1oU884y0Mo28xe0SU2swdq0Ho2ew&hsi=6857214166781162791-0&pc=PHASED%3ADEFAULT&req=3&rev=1002462360&s=%3Aj1n7qi%3Anupx3b&spin_b=trunk&spin_r=1002462360&__spin_t=1596569588&user=0&bz_orig=blue&dpr=1&jazoest=2625&lsd=AVos7GD6 HTTP/1.1" 302 - [] WE GOT A HIT! Printing the output: PARAM: jazoest=2625
PARAM: lsd=AVos7GD6
PARAM: display=
PARAM: enable_profile_selector=
PARAM: isprivate=
PARAM: legacy_return=0
PARAM: profile_selector_ids=
PARAM: return_session=
POSSIBLE USERNAME FIELD FOUND: skip_api_login=
PARAM: signed_next=
PARAM: trynum=1
PARAM: timezone=-120
PARAM: lgndim=eyJ3IjoxNTM2LCJoIjo4NjQsImF3IjoxNTM2LCJhaCI6ODI0LCJjIjoyNH0=
PARAM: lgnrnd=123308_XCRU
PARAM: lgnjs=1596569595
POSSIBLE USERNAME FIELD FOUND: email=test123
POSSIBLE PASSWORD FIELD FOUND: pass=password
PARAM: prefill_contact_point=
PARAM: prefill_source=
PARAM: prefill_type=
PARAM: first_prefill_source=
PARAM: first_prefill_type=
PARAM: had_cp_prefilled=false
POSSIBLE PASSWORD FIELD FOUND: had_password_prefilled=false
PARAM: ab_test_data=AAAAA/VAAKAAAAAAAAAKAAAAAAAAAAAAAAKAAAAAPf/PvvAAAAGBAA
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

192.168.178.144 - - [04/Aug/2020 21:33:24] "POST /device-based/regular/login/?login_attempt=1&lwv=100 HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundaryyVLZGZgcEBSIFZUK
Content-Disposition: form-data; name="ts"

1596569606726
------WebKitFormBoundaryyVLZGZgcEBSIFZUK
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":[["time_spent_bit_array",{"tos_id":"nupx3b","start_time":1596569595,"tos_array":[203,0],"tos_len":9,"tos_seq":0,"tos_cum":5,"sid_raw":"::nupx3b"},1596569603015.37,2,120]],"user":"0","webSessionId":"::nupx3b","trigger":"click_ref_logger","send_method":"ajax","compression":""},{"app_id":"256281040558","posts":[["click_ref_logger",["2av5",1596569603319,"act",1596569603317,0,"pass","click","click","-","r","/",{"ft":{"click_type":"left"},"gt":{}},769,349,0,0,"nupx3b","/login.php"],1596569603319.35,1,150]],"user":"0","webSessionId":":j1n7qi:nupx3b","compression":""},{"app_id":"256281040558","posts":[["click_ref_logger",["2av5",1596569606702,"act",1596569606701,1,"login","click","click","-","r","/",{"ft":{"click_type":"left"},"gt":{}},756,398,0,0,"nupx3b","/login.php"],1596569606701.81,0,151],["logger:LoginServicePasswordEncryptDecryptEventLoggerConfig",{"error":"BrowserEncryptionFailureInLoginFormControllerWWW","growth_flow":"Bluebar/main login WWW","error_message":"Cannot read property 'generateKey' of undefined","password_tag":"#PWD_BROWSER","password_encryption_version":5,"password_timestamp":"1596569606","__options":{"event_time":1596569606.711}},1596569606711.19,0,303]],"user":"0","webSessionId":"mohxf4:j1n7qi:nupx3b","compression":""},{"webSessionId":"mohxf4:j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_received":[4]}}},1596569606724.26,0,50]],"user":"0","app_id":"256281040558","compression":""},{"webSessionId":"mohxf4:j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_sent":[6]}}},1596569606724.395,0,46]],"user":"0","app_id":"256281040558","compression":""}]
------WebKitFormBoundaryyVLZGZgcEBSIFZUK--
POSSIBLE PASSWORD FIELD FOUND: ------WebKitFormBoundaryyVLZGZgcEBSIFZUK
Content-Disposition: form-data; name="ts"

1596569606726
------WebKitFormBoundaryyVLZGZgcEBSIFZUK
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":[["time_spent_bit_array",{"tos_id":"nupx3b","start_time":1596569595,"tos_array":[203,0],"tos_len":9,"tos_seq":0,"tos_cum":5,"sid_raw":"::nupx3b"},1596569603015.37,2,120]],"user":"0","webSessionId":"::nupx3b","trigger":"click_ref_logger","send_method":"ajax","compression":""},{"app_id":"256281040558","posts":[["click_ref_logger",["2av5",1596569603319,"act",1596569603317,0,"pass","click","click","-","r","/",{"ft":{"click_type":"left"},"gt":{}},769,349,0,0,"nupx3b","/login.php"],1596569603319.35,1,150]],"user":"0","webSessionId":":j1n7qi:nupx3b","compression":""},{"app_id":"256281040558","posts":[["click_ref_logger",["2av5",1596569606702,"act",1596569606701,1,"login","click","click","-","r","/",{"ft":{"click_type":"left"},"gt":{}},756,398,0,0,"nupx3b","/login.php"],1596569606701.81,0,151],["logger:LoginServicePasswordEncryptDecryptEventLoggerConfig",{"error":"BrowserEncryptionFailureInLoginFormControllerWWW","growth_flow":"Bluebar/main login WWW","error_message":"Cannot read property 'generateKey' of undefined","password_tag":"#PWD_BROWSER","password_encryption_version":5,"password_timestamp":"1596569606","__options":{"event_time":1596569606.711}},1596569606711.19,0,303]],"user":"0","webSessionId":"mohxf4:j1n7qi:nupx3b","compression":""},{"webSessionId":"mohxf4:j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_received":[4]}}},1596569606724.26,0,50]],"user":"0","app_id":"256281040558","compression":""},{"webSessionId":"mohxf4:j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_sent":[6]}}},1596569606724.395,0,46]],"user":"0","app_id":"256281040558","compression":""}]
------WebKitFormBoundaryyVLZGZgcEBSIFZUK--
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

192.168.178.144 - - [04/Aug/2020 21:33:24] "POST /ajax/bz?a=1&beoa=0&ccg=EXCELLENT&comet_req=0&csr=&dyn=7xe6Fo4OQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXx60kO4o3Bw5VCwjE3awbG783pwlU7i0n2US1kyE1oU884y0Mo28xe0SU2swdq0Ho2ew&hsi=6857214166781162791-0&pc=PHASED%3ADEFAULT&req=4&rev=1002462360&s=mohxf4%3Aj1n7qi%3Anupx3b&spin_b=trunk&spin_r=1002462360&__spin_t=1596569588&user=0&bz_orig=blue&dpr=1&jazoest=2625&lsd=AVos7GD6 HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundaryEj1lIPYADIfyaDFP
Content-Disposition: form-data; name="ts"

1596569607179
------WebKitFormBoundaryEj1lIPYADIfyaDFP
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":[["time_spent_bit_array",{"tos_id":"nupx3b","start_time":1596569595,"tos_array":[203,0],"tos_len":9,"tos_seq":0,"tos_cum":5,"sid_raw":"::nupx3b"},1596569603015.37,3,120]],"user":"0","webSessionId":"::nupx3b","send_method":"beacon","compression":""},{"app_id":"256281040558","posts":[["click_ref_logger",["2av5",1596569603319,"act",1596569603317,0,"pass","click","click","-","r","/",{"ft":{"click_type":"left"},"gt":{}},769,349,0,0,"nupx3b","/login.php"],1596569603319.35,2,150]],"user":"0","webSessionId":":j1n7qi:nupx3b","compression":""},{"app_id":"256281040558","posts":[["click_ref_logger",["2av5",1596569606702,"act",1596569606701,1,"login","click","click","-","r","/",{"ft":{"click_type":"left"},"gt":{}},756,398,0,0,"nupx3b","/login.php"],1596569606701.81,1,151]],"user":"0","webSessionId":"mohxf4:j1n7qi:nupx3b","compression":""},{"webSessionId":"mohxf4:j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_received":[2]}}},1596569607177.93,0,50]],"user":"0","app_id":"256281040558","compression":""},{"webSessionId":"mohxf4:j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_sent":[5]}}},1596569607178.005,0,46]],"user":"0","app_id":"256281040558","compression":""}]
------WebKitFormBoundaryEj1lIPYADIfyaDFP--
POSSIBLE PASSWORD FIELD FOUND: ------WebKitFormBoundaryEj1lIPYADIfyaDFP
Content-Disposition: form-data; name="ts"

1596569607179
------WebKitFormBoundaryEj1lIPYADIfyaDFP
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":[["time_spent_bit_array",{"tos_id":"nupx3b","start_time":1596569595,"tos_array":[203,0],"tos_len":9,"tos_seq":0,"tos_cum":5,"sid_raw":"::nupx3b"},1596569603015.37,3,120]],"user":"0","webSessionId":"::nupx3b","send_method":"beacon","compression":""},{"app_id":"256281040558","posts":[["click_ref_logger",["2av5",1596569603319,"act",1596569603317,0,"pass","click","click","-","r","/",{"ft":{"click_type":"left"},"gt":{}},769,349,0,0,"nupx3b","/login.php"],1596569603319.35,2,150]],"user":"0","webSessionId":":j1n7qi:nupx3b","compression":""},{"app_id":"256281040558","posts":[["click_ref_logger",["2av5",1596569606702,"act",1596569606701,1,"login","click","click","-","r","/",{"ft":{"click_type":"left"},"gt":{}},756,398,0,0,"nupx3b","/login.php"],1596569606701.81,1,151]],"user":"0","webSessionId":"mohxf4:j1n7qi:nupx3b","compression":""},{"webSessionId":"mohxf4:j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_received":[2]}}},1596569607177.93,0,50]],"user":"0","app_id":"256281040558","compression":""},{"webSessionId":"mohxf4:j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_sent":[5]}}},1596569607178.005,0,46]],"user":"0","app_id":"256281040558","compression":""}]
------WebKitFormBoundaryEj1lIPYADIfyaDFP--
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

192.168.178.144 - - [04/Aug/2020 21:33:24] "POST /ajax/bz?a=1&beoa=0&ccg=EXCELLENT&comet_req=0&csr=&dyn=7xe6Fo4OQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXx60kO4o3Bw5VCwjE3awbG783pwlU7i0n2US1kyE1oU884y0Mo28xe0SU2swdq0Ho2ew&hsi=6857214166781162791-0&pc=PHASED%3ADEFAULT&req=5&rev=1002462360&s=mohxf4%3Aj1n7qi%3Anupx3b&spin_b=trunk&spin_r=1002462360&__spin_t=1596569588&user=0&bz_orig=blue&dpr=1&jazoest=2625&lsd=AVos7GD6 HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundary0MSH3n0Wgg3hiQnb
Content-Disposition: form-data; name="ts"

1596569607184
------WebKitFormBoundary0MSH3n0Wgg3hiQnb
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":"/QSQW1siY2F0ZWdvcml6ZWRfb2RzIix7IjI5NzkiOnsiYmFuemFpIgEK8DxsdWVfdG90YWxfbWVzc2FnZXNfcmVjZWl2ZWQiOls0OV19fX0sMTU5NjU2OTYwNzE4MC42NCwwLDU3XSxb5mQAIHNlbnQiOls1NU5gAAA5AWBgM10sWyJ0aW1lX3NwZW50X2JpdF9hcnJheQHJXHRvc19pZCI6Im51cHgzYiIsInN0YXJ0XwEwBCI6Fa8EMywFKgk3GDpbMTUsMF0JExRsZW4iOjUJDBRzZXEiOjEJDHxjdW0iOjksInNpZF9yYXciOiJtb2h4ZjQ6ajFuN3FpOg1wNhMBKDEuMDI1LDAsMTMxAbVEc2NyaXB0X3BhdGhfY2hhbmdlAbMUc291cmNlBRYwIjoiL2xvZ2luLnBocAG8CRsIdG9rAZY4ImFkOTc2NDIwIiwiZGVzCUkUIjpudWxsDRENKQkSNGNhdXNlIjoidW5sb2FkAU52uwAALBGKGGVmX3BhZ2URWg2FdHVyaSI6Imh0dHBzOi8vd3d3LmZhY2Vib29rLmNvbR23PgMBKDYyNSwwLDIxMV1d","user":"0","webSessionId":"mohxf4:j1n7qi:nupx3b","send_method":"beacon","compression":"snappy_base64","snappy_ms":2},{"webSessionId":"mohxf4:j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_received":[4]}}},1596569607181.965,0,50]],"user":"0","app_id":"256281040558","compression":""},{"webSessionId":"mohxf4:j1n7qi:nupx3b","posts":[["categorized_ods",{"2979":{"banzai":{"blue_messages_sent":[6]}}},1596569607182.005,0,46]],"user":"0","app_id":"256281040558","compression":""}]
------WebKitFormBoundary0MSH3n0Wgg3hiQnb--
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

192.168.178.144 - - [04/Aug/2020 21:33:24] "POST /ajax/bz?a=1&beoa=0&ccg=EXCELLENT&comet_req=0&csr=&dyn=7xe6Fo4OQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXx60kO4o3Bw5VCwjE3awbG783pwlU7i0n2US1kyE1oU884y0Mo28xe0SU2swdq0Ho2ew&hsi=6857214166781162791-0&pc=PHASED%3ADEFAULT&req=6&rev=1002462360&s=mohxf4%3Aj1n7qi%3Anupx3b&spin_b=trunk&spin_r=1002462360&__spin_t=1596569588&user=0&bz_orig=blue&dpr=1&jazoest=2625&lsd=AVos7GD6 HTTP/1.1" 302 -

likhithkanigolla commented 4 years ago

SAME ISSUE

I AM GETTING THIS ERROR

Something went wrong, printing the error: No module named 'pexpect'

bkaitare commented 4 years ago

Hi, did you get the solution to this? I am also getting a similar problem.

KrisCoder1 commented 4 years ago

No, but if you look closely at the output, you can still see the credentials

v41le commented 1 year ago

at least it shows you the credentials, to me all that code without any credentials

AndreeLescano-137 commented 1 year ago

Lo solucionaron? estoy en lo mismo

sonnyovabeach commented 1 year ago

I've got nothing, no username or pass, have scanned the code carefully:

[*] WE GOT A HIT! Printing the output: PARAM: ------WebKitFormBoundary9LvxQ1ICXBOwG07R
Content-Disposition: form-data; name="ts"

1688613838964
------WebKitFormBoundary9LvxQ1ICXBOwG07R
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":"uBLwoltbInJlcXVpcmVfY29uZF9leHBvc3VyZV9sb2dnaW5nIix7ImlkZW50aWZpZXIiOiJBYTJFU0NwUDhaa3QwYVNtUTdKdTVIcWlYUWI3Um0zcnVuQ2xNX295V3haak44dzZoellNdnNWTzBxWWxOc0dMTUJHNFRkNTUzdHVVSW5keGwtUUE0aGMifSwxNjg4NjEzODM3OTUxLjUsMCwxMDRdLFvCoQDwWDNQaXRkYVlCVk0xRzY4VGhTOElwVzJEckIwaDhxSDJaelBUTVdXdVpQRTJ5cXBJRmcxN3laQ2wxTExmM0hUYkctVVBGUEtCQzhQYnF0S2lHVVZYeFFYVDM0QqUAADgFpQA4AaUIZ2syNT1CNQGYMTA3MzUwMCIsImhhc2giOiJBVDdhSm1mbnFXeWlveE9PRThBIn0sNgIBAV0ENTMBXL6iAfBUMF9DZm1ESVJYVkJhWmw4N3BTSWptYkJuQlAtS2plbmk2N3NQR2JsZDhIdDhqMTBwVEdNSHNPUTRMZm1HN1BVNDdmelh0RjhSSHI3aDZGMXQwYWM1b1r9AAA0AaFy/QAUNzA4MjUzLvwAQDVuNGhCTDNZVE1uUVd0NnI0QlwAFDksMCw1MoJbABQ2NzY4MzcuWwBANE44d0JaQThjdENkSHdFOG9qWwDCVwHwWlU1SUZ4T0NRdl9hU1M4aE5Yemc5Y2pEZ29QZWNOc3RHb09CQk50SjY3RzI3SGJrdHhER0RDUV9HOXhkN3hYajR0Mk1qeEo2S0FpaFZaRmRfd3VOanlpR3o1MGdSpwAIMTExIQO+qADwWDNPa0FlRlFzTlpGMnlOSEl1eWljMWFnUnY5ZTZkT2xCYmVWMDY2V2RZNG9BZHlBSXhmdXU4THpYUGVtT014a3FESFBrZERmOEkxdkx0MWVVSGhBS3hHT0owOqUAADKi/gIMOTk4OTYCAjxrbHkyTFNaVl9ES0dSRlI0PlsABC4xQQJF/vBWZmFsY286d2ViX2JsdWVfdGltZV9zcGVudF9uYXZpZ2F0aW9uIix7ImUiOiJ7XCJqc29uX2RhdGFcIjpcIntcXFwic291cmNlX3BhdGhcXFwiOm51bGwsAQoAcwkZEHRva2VuARAZGhBkZXN0XxUxARxIWFdlYkxvZ2luQ29udHJvbGxlcgEXACwBBQUuGUYBExw5NmU4OGFmMwEMBSQwaW1wcmVzc2lvbl9pZAEWBSdAMW1FdEVpTmFXeW8xdkZYckkBGgUwEGNhdXNlAQ4FKAhsb2EFNQUbGHNpZF9yYXcVHUx5NzVwajY6OWczbzU2OjY4aTg0cQEdBS0UcmVmZXJyCa0FSxUaBbYUZWZfcGFnCWkAbjEYBRoIdXJpASsFNGRodHRwczovL3d3dy5mYWNlYm9vay5jb20vbCESDC5waHABK/DQfVwi
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:23:59] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w&hs=19544.BP%3ADEFAULT.2.0..0.0&hsi=7252541175720671289&req=1&rev=1007794054&s=y75pj6%3A9g3o56%3A68i84q&spin_b=trunk&__spin_r=1007794054&spin_t=1688613830&__user=0&dpr=1&jazoest=2904&lsd=AVr1EUe1Lco HTTP/1.0" 302 - [*] WE GOT A HIT! Printing the output: PARAM: ------WebKitFormBoundarydxuzkRTEAn9csk3I
Content-Disposition: form-data; name="ts"

1688613846974
------WebKitFormBoundarydxuzkRTEAn9csk3I
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":[["falco:bd_pdc_signals",{"e":"{\"asid\":\"e356a84a-9624-4965-8e81-1479936501c0\",\"ct\":1
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:24:07] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w&hs=19544.BP%3ADEFAULT.2.0..0.0&hsi=7252541175720671289&req=2&rev=1007794054&s=y75pj6%3A9g3o56%3A68i84q&spin_b=trunk&__spin_r=1007794054&spin_t=1688613830&user=0&dpr=1&jazoest=2904&lsd=AVr1EUe1Lco HTTP/1.0" 302 - [*] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=1
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=3
PARAM: hs=19544.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007794054
PARAM: s=y75pj6:9g3o56:68i84q
PARAM: hsi=7252541175720671289
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVr1EUe1Lco
PARAM: jazoest=2904
POSSIBLE PASSWORD FIELD FOUND: __spin_r=1007794054
POSSIBLE PASSWORD FIELD FOUND: spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: __spin_t=1688613830
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:24:28] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.0" 302 - [] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=1
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=4
PARAM: hs=19544.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007794054
PARAM: s=y75pj6:9g3o56:68i84q
PARAM: hsi=7252541175720671289
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVr1EUe1Lco
PARAM: jazoest=2904
POSSIBLE PASSWORD FIELD FOUND: spin_r=1007794054
POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: spin_t=1688613830
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:24:29] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.0" 302 - [] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=1
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=5
PARAM: hs=19544.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007794054
PARAM: s=y75pj6:9g3o56:68i84q
PARAM: hsi=7252541175720671289
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVr1EUe1Lco
PARAM: jazoest=2904
POSSIBLE PASSWORD FIELD FOUND: spin_r=1007794054
POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: spin_t=1688613830
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:24:30] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.0" 302 - [*] WE GOT A HIT! Printing the output: PARAM: ------WebKitFormBoundaryVo0ZZumNiVcUYyJy
Content-Disposition: form-data; name="ts"

1688613903391
------WebKitFormBoundaryVo0ZZumNiVcUYyJy
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":[["falco:bd_pdc_signals",{"e":"{\"asid\":\"e356a84a-9624-4965-8e81-1479936501c0\",\"ct\":1
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:25:03] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w&hs=19544.BP%3ADEFAULT.2.0..0.0&hsi=7252541175720671289&req=6&rev=1007794054&s=cc3pa0%3A9g3o56%3A68i84q&spin_b=trunk&__spin_r=1007794054&spin_t=1688613830&user=0&dpr=1&jazoest=2904&lsd=AVr1EUe1Lco HTTP/1.0" 302 - [*] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=0
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=7
PARAM: hs=19544.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007794054
PARAM: s=cc3pa0:9g3o56:68i84q
PARAM: hsi=7252541175720671289
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVr1EUe1Lco
PARAM: jazoest=2904
POSSIBLE PASSWORD FIELD FOUND: __spin_r=1007794054
POSSIBLE PASSWORD FIELD FOUND: spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: __spin_t=1688613830
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:25:29] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.0" 302 - [] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=0
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=8
PARAM: hs=19544.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007794054
PARAM: s=cc3pa0:9g3o56:68i84q
PARAM: hsi=7252541175720671289
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVr1EUe1Lco
PARAM: jazoest=2904
POSSIBLE PASSWORD FIELD FOUND: spin_r=1007794054
POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: spin_t=1688613830
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:25:30] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.0" 302 - [] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=0
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=9
PARAM: hs=19544.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007794054
PARAM: s=cc3pa0:9g3o56:68i84q
PARAM: hsi=7252541175720671289
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVr1EUe1Lco
PARAM: jazoest=2904
POSSIBLE PASSWORD FIELD FOUND: spin_r=1007794054
POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: spin_t=1688613830
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:25:31] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.0" 302 - [] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=0
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=a
PARAM: hs=19544.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007794054
PARAM: s=:9g3o56:68i84q
PARAM: hsi=7252541175720671289
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVr1EUe1Lco
PARAM: jazoest=2904
POSSIBLE PASSWORD FIELD FOUND: spin_r=1007794054
POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: spin_t=1688613830
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:26:30] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.0" 302 - [] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=0
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=b
PARAM: hs=19544.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007794054
PARAM: s=:9g3o56:68i84q
PARAM: hsi=7252541175720671289
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVr1EUe1Lco
PARAM: jazoest=2904
POSSIBLE PASSWORD FIELD FOUND: spin_r=1007794054
POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: spin_t=1688613830
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:26:31] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.0" 302 - [] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=0
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=c
PARAM: hs=19544.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007794054
PARAM: s=:9g3o56:68i84q
PARAM: hsi=7252541175720671289
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVr1EUe1Lco
PARAM: jazoest=2904
POSSIBLE PASSWORD FIELD FOUND: spin_r=1007794054
POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: spin_t=1688613830
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:26:32] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.0" 302 - [*] WE GOT A HIT! Printing the output: PARAM: ------WebKitFormBoundaryipThBY4cqemhA6ot
Content-Disposition: form-data; name="ts"

1688614101967
------WebKitFormBoundaryipThBY4cqemhA6ot
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":"qQWAW1siZmFsY286b2RzX3dlYl9iYXRjaCIseyJlIjoie1wiBRAkXCI6e1wiMTM0NAkKBTMYLmV2ZW50LgE1VHRpb
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:28:22] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w&hs=19544.BP%3ADEFAULT.2.0..0.0&hsi=7252541175720671289&req=d&rev=1007794054&s=dedbwn%3A9g3o56%3A68i84q&spin_b=trunk&__spin_r=1007794054&spin_t=1688613830&__user=0&dpr=1&jazoest=2904&lsd=AVr1EUe1Lco HTTP/1.0" 302 - [*] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundaryQESv6eJW2bAHYm5A
Content-Disposition: form-data; name="ts"

1688614103406
------WebKitFormBoundaryQESv6eJW2bAHYm5A
Content-Disposition: form-data; name="q"

[{"app_id":"256281040558","posts":"ywjwVFtbImZhbGNvOndlYl9ibHVlX3RpbWVfc3BlbnRfbmF2aWdhdGlvbiIseyJlIjoie1wianNvbl9kYXRhXCI6XCJ7XFxcInNvdXJjZV9wYXRoXFxcIjoBFEhYV2ViTG9naW5Db250cm9sbGVyARcALAEFDTAQdG9rZW4BEAA6AQUcOTZlODhhZjMBDAUmDGRlc3QZVAxudWxsGRcZOxUYEGNhdXNlAT0FThR1bmxvYWQBDwU1GHNpZF9yYXcBEAUfTGRlZGJ3bjo5ZzNvNTY6NjhpODRxAR0ALAEFDZ8UZWZfcGFnCVMVZg0cCHVyaQEqBUxkaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2wB/wwucGhwASvw0H1cIn0iLCJyIjoxLCJkIjoiJF58QWNiQUhqVkN0OW03NHU1aGFPblgzSzgzVHYxaHk3b2J5dEJuVzNoT2MwTmtIX3JRd3pNc0NLRE5zWUxtZW80UXlUQU5ZMndBeDZqcGdjM0pCdkkzWHJsYzZnfGZkLkFjWUFLNW5wcTNIc0pBM0x0TG81WnBWcXBUbFJubVNkNmhfd0tPMXoyR08xVV9lTUgxWGRNaDFXMDFkRjZmT0xMTGJubkFIWUlYOFZqR29oQTFaMFdDUmMiLCJzIjoiTkMBaCIsInQiOjE2ODg2MTQwOTcwMDAuNDAwMX0sMQkUPDEwMzQwMy4xLDAsNTc0XSwufgJdeSBiaXRfYXJyYXldeDHDCCI6XFa/ASAiLFwic3RhcnQFSgRcIhGIIDEwMSxcInRvcwlTHFwiOlsxLDBdDRQIY3VtASsANA0PCGlkXAFhTRIBUwE5GGxlblwiOjMNJAhzZXEBDv7PAf7PAf7PAc7PAQgxLjg2zAEoNC4xLDAsNDAyXV0=","user":"0","webSessionId":"dedbwn:9g3o56:68i84q","send_method":"beacon","compression":"snappy_base64","snappy_ms":1}]
------WebKitFormBoundaryQESv6eJW2bAHYm5A--
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

10.9.0.1 - - [05/Jul/2023 23:28:23] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ew4Kw5rwSyE1582ZwrU19E36w&hs=19544.BP%3ADEFAULT.2.0..0.0&hsi=7252541175720671289&req=e&rev=1007794054&s=dedbwn%3A9g3o56%3A68i84q&spin_b=trunk&__spin_r=1007794054&spin_t=1688613830&__user=0&dpr=1&jazoest=2904&lsd=AVr1EUe1Lco HTTP/1.0" 302 -

Has anyone found a solution / workaround