ustayready / CredSniper

CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
Apache License 2.0
1.31k stars, 293 forks

ImportError: No module named 'flask' #8

Closed r00tb3 closed 6 years ago

r00tb3 commented 6 years ago

Why am I getting this error?

python3 credsniper.py --module gmail --twofactor --port 443 --ssl --verbose --final gmail.com --hostname gmail.com
Traceback (most recent call last):
  File "credsniper.py", line 1, in <module>
    from flask import Flask, jsonify, request, abort, Response
ImportError: No module named 'flask'

Yossi commented 6 years ago

pip3 install -r requirements.txt

r00tb3 commented 6 years ago

pip install -r requirements.txt
Requirement already satisfied: flask in /usr/lib/python2.7/dist-packages (from -r requirements.txt (line 1))
Requirement already satisfied: mechanicalsoup in /usr/local/lib/python2.7/dist-packages (from -r requirements.txt (line 2))
Requirement already satisfied: beautifulsoup4 in /usr/lib/python2.7/dist-packages (from mechanicalsoup->-r requirements.txt (line 2))
Requirement already satisfied: requests>=2.0 in /usr/local/lib/python2.7/dist-packages (from mechanicalsoup->-r requirements.txt (line 2))
Requirement already satisfied: six>=1.4 in /usr/lib/python2.7/dist-packages (from mechanicalsoup->-r requirements.txt (line 2))
Requirement already satisfied: idna<2.6,>=2.5 in /usr/local/lib/python2.7/dist-packages (from requests>=2.0->mechanicalsoup->-r requirements.txt (line 2))
Requirement already satisfied: urllib3<1.22,>=1.21.1 in /usr/local/lib/python2.7/dist-packages (from requests>=2.0->mechanicalsoup->-r requirements.txt (line 2))
Requirement already satisfied: chardet<3.1.0,>=3.0.2 in /usr/local/lib/python2.7/dist-packages (from requests>=2.0->mechanicalsoup->-r requirements.txt (line 2))
Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python2.7/dist-packages (from requests>=2.0->mechanicalsoup->-r requirements.txt (line 2))

Yossi commented 6 years ago

Ah, it should be pip3. I'll correct my other comment
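
The mismatch in the exchange above (pip reporting packages under python2.7 while the script runs under python3) can be checked mechanically. This is an added example, not code from the thread or from the CredSniper project; the sample lines are constructed in the shape of the pip output quoted above, and the function names are hypothetical.

```python
import re
import sys

# Constructed sample, in the shape of the pip output quoted in the thread.
SAMPLE_PIP_OUTPUT = """\
Requirement already satisfied: flask in /usr/lib/python2.7/dist-packages (from -r requirements.txt (line 1))
Requirement already satisfied: mechanicalsoup in /usr/local/lib/python2.7/dist-packages (from -r requirements.txt (line 2))
Requirement already satisfied: requests>=2.0 in /usr/local/lib/python2.7/dist-packages (from mechanicalsoup->-r requirements.txt (line 2))
"""

# Package name, optional version specifier, then the directory pip found it in.
LINE_RE = re.compile(
    r"^Requirement already satisfied: (?P<name>[A-Za-z0-9_.\-]+)\S* in "
    r"(?P<path>\S*?/python(?P<ver>\d+\.\d+)/\S+)"
)


def installed_for(pip_output):
    """Map package name -> 'major.minor' of the interpreter whose directory pip reported."""
    found = {}
    for line in pip_output.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            found[m.group("name").lower()] = m.group("ver")
    return found


def mismatches(pip_output, running=None):
    """Return the packages pip reported under a different interpreter than `running`."""
    if running is None:
        running = "%d.%d" % sys.version_info[:2]
    return {n: v for n, v in installed_for(pip_output).items() if v != running}


if __name__ == "__main__":
    # The traceback in the thread shows the script running under Python 3.5.
    for name, ver in sorted(mismatches(SAMPLE_PIP_OUTPUT, running="3.5").items()):
        print("%s is installed for python%s, not python3.5" % (name, ver))
```

Invoking pip as `python3 -m pip install -r requirements.txt` ties the install to the interpreter that will run the script.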

r00tb3 commented 6 years ago

Now I'm getting this error...

Traceback (most recent call last):
  File "credsniper.py", line 145, in <module>
    ssl_context=context
  File "/usr/local/lib/python3.5/dist-packages/flask/app.py", line 841, in run
    run_simple(host, port, self, **options)
  File "/usr/local/lib/python3.5/dist-packages/werkzeug/serving.py", line 739, in run_simple
    inner()
  File "/usr/local/lib/python3.5/dist-packages/werkzeug/serving.py", line 699, in inner
    fd=fd)
  File "/usr/local/lib/python3.5/dist-packages/werkzeug/serving.py", line 593, in make_server
    passthrough_errors, ssl_context, fd=fd)
  File "/usr/local/lib/python3.5/dist-packages/werkzeug/serving.py", line 528, in __init__
    self.socket = ssl_context.wrap_socket(sock, server_side=True)
  File "/usr/local/lib/python3.5/dist-packages/werkzeug/serving.py", line 450, in wrap_socket
    ssl_version=self._protocol, **kwargs)
  File "/usr/lib/python3.5/ssl.py", line 1077, in wrap_socket
    ciphers=ciphers)
  File "/usr/lib/python3.5/ssl.py", line 699, in __init__
    self._context.load_cert_chain(certfile, keyfile)
FileNotFoundError: [Errno 2] No such file or directory

Yossi commented 6 years ago

Does this work when you run ./install.sh ?

r00tb3 commented 6 years ago

@Yossi I don't understand what's wrong!!

 ./install.sh
Module to deploy (ex: gmail)? gmail
Final redirect URL: google.com
Enable SSL? [Y/n] Y
Enable two-factor phishing? [Y/n] Y
Enter hostname for certificates (ex: app.example.com): mail.google.com
Port to listen on (default: 80/443)? 80

[*] Preparing environment...
[*] SSL Enabled: Y
[*] Hostname: mail.google.com
[*] Two-factor: Y
[*] Loading Module: gmail
[*] Port: 80
[*] Destination URL: google.com
[*] Starting credsniper w/ flags: --ssl --twofactor --verbose
[*] Adding Let's Encypt repository...
Traceback (most recent call last):
  File "/usr/bin/add-apt-repository", line 95, in <module>
    sp = SoftwareProperties(options=options)
  File "/usr/lib/python3/dist-packages/softwareproperties/SoftwareProperties.py", line 109, in __init__
    self.reload_sourceslist()
  File "/usr/lib/python3/dist-packages/softwareproperties/SoftwareProperties.py", line 599, in reload_sourceslist
    self.distro.get_sources(self.sourceslist)
  File "/usr/lib/python3/dist-packages/aptsources/distro.py", line 93, in get_sources
    (self.id, self.codename))
aptsources.distro.NoDistroTemplateException: Error: could not find a distribution template for Kali/kali-rolling
[*] Updating Apt...
[*] Installing pre-reqs...
[*] Creating & activating virtual environment...
[*] Enabling port binding for Python...
[*] Installing required Python modules...
[*] Creating & installing SSL certificates...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
An unexpected error occurred:
Error creating new authz :: Policy forbids issuing for name
Please see the logfiles in /var/log/letsencrypt for more details.
cp: cannot stat '/etc/letsencrypt/live/mail.google.com/privkey.pem': No such file or directory
cp: cannot stat '/etc/letsencrypt/live/mail.google.com/cert.pem': No such file or directory
[*] ###################################################
[*] Successfully installed everything!
[*] To run manually just:
[*]     ~/CredSniper$ source bin/activate
[*]     (CredSniper) ~/CredSniper$ python credsniper.py
[*] ###################################################
[*] Launching CredSniper...

 ..........................................
 ..........................................
 ..........M...............................
 ........N......................... .Z.....
 .......M.......... M++M..........MMMN.....
 ......MMMM......M?======$M .....MMDM......
 .....,...MMD.MM=====IM=====MM  M..........
 ....D .....M=======M..8=======M ..........
 ...M ....M====+===+...DMM==NM===M.........
 ... .....M==+..MM. ..MMMMMM.MM==M.........
 ..Z......M==M..MMM..NMMMMMMN.MM=M.........
 .........M=M MMMMM..MMMMMMMMMMMMM.........
 .........MMMMMMMMMMMMMMMMMMMMMMMM.........
 ....... .MMMMMMMMMMMMMMMMMMMMMMMM.........
 .........MMMM  BLACK HILLS   MMMM.........
 .........MMMM    INFOSEC     MMMM.........
 ..........MMMMMMMMMMMMMMMMMMMMMM .........
 ...........MMMM,M+IOM=MO=MMNMMMMM.........
 ....... M:. ..MMMMMMMMMMMMMM....MM$.......
 ......MM........+MMMMMMMM.........MM .....
 ...................MMMM...................
 ..........................................
 ..........................................
 ..........................................

[*] CredSniper v1 - Mike Felch (@ustayready)

[2017-11-02 14:29] Module: gmail
[2017-11-02 14:29] Port: 443
[2017-11-02 14:29] Use SSL: True
[2017-11-02 14:29] 2FA Enabled: True
[2017-11-02 14:29] API: Loaded
[2017-11-02 14:29] API Token: XUoOyvgfeB9g8IbTpB4OljpPlNgQr0Z5
[2017-11-02 14:29] Final URL: google.com
[2017-11-02 14:29] Hostname: mail.google.com
Traceback (most recent call last):
  File "credsniper.py", line 145, in <module>
    ssl_context=context
  File "/root/Desktop/CredSniper/lib/python3.5/site-packages/flask/app.py", line 841, in run
    run_simple(host, port, self, **options)
  File "/root/Desktop/CredSniper/lib/python3.5/site-packages/werkzeug/serving.py", line 739, in run_simple
    inner()
  File "/root/Desktop/CredSniper/lib/python3.5/site-packages/werkzeug/serving.py", line 699, in inner
    fd=fd)
  File "/root/Desktop/CredSniper/lib/python3.5/site-packages/werkzeug/serving.py", line 593, in make_server
    passthrough_errors, ssl_context, fd=fd)
  File "/root/Desktop/CredSniper/lib/python3.5/site-packages/werkzeug/serving.py", line 528, in __init__
    self.socket = ssl_context.wrap_socket(sock, server_side=True)
  File "/root/Desktop/CredSniper/lib/python3.5/site-packages/werkzeug/serving.py", line 450, in wrap_socket
    ssl_version=self._protocol, **kwargs)
  File "/usr/lib/python3.5/ssl.py", line 1077, in wrap_socket
    ciphers=ciphers)
  File "/usr/lib/python3.5/ssl.py", line 699, in __init__
    self._context.load_cert_chain(certfile, keyfile)
FileNotFoundError: [Errno 2] No such file or directory

DakotaNelson commented 6 years ago

Hey @rootb3,

In the code, check out this portion:

https://github.com/ustayready/CredSniper/blob/d98f715307312c95c8e26ea9f94fb1429f61c18d/credsniper.py#L134-L140

You'll need to make sure that there are valid certificate files in those places. Can you double check to make sure those files exist?

In your example using mail.google.com as your hostname, you'll need certs/mail.google.com.cert.pem and certs/mail.google.com.privkey.pem (though I suspect you'll have a hard time getting certs issued for those domains :stuck_out_tongue_winking_eye:).

Yossi commented 6 years ago

Maybe you could try it without SSL enabled.

r00tb3 commented 6 years ago

@Yossi it worked!! But now the browser says "This site can’t provide a secure connection." https://i.imgur.com/SXMGCSf.png. It's redirecting me to https?

Yossi commented 6 years ago

It's possible that it's redirecting to https. What port are you running on? http implies port 80 while https implies port 443. To reach something on the "wrong" port for that protocol you need to explicitly tell it what port, i.e. 192.168.100.10:80 or 192.168.100.10:443 or whatever port you chose.

r00tb3 commented 6 years ago

@Yossi I'm on http://xxx.xxx.xx.xx. It shows me the phish page of Gmail; as soon as I type the credentials it redirects me to https://xxx.xxx.xx.xx/accounts and shows this error.

Yossi commented 6 years ago

Try it with 192.168.100.10:80 so even when it redirects to https it still goes to the port you are running on.

By the way, IP addresses that start with 192.168. are not publicly routable and it doesn't matter if people know what they are; they still can't reach them unless they are on the same local network.

r00tb3 commented 6 years ago

@Yossi why doesn't it work with Facebook?

Yossi commented 6 years ago

I think this project is just for Google accounts.

DakotaNelson commented 6 years ago

@Yossi you can add a Facebook module following the same format as the gmail module. It's designed to be extensible so that you can add modules for whatever you need.

@ustayready can this issue be closed?

r00tb3 commented 6 years ago

@DakotaNelson not yet, I've got to check it properly. I'll close it by myself.

r00tb3 commented 6 years ago

@Yossi why isn't it working with SSL enabled and on port 443?

Yossi commented 6 years ago

@rootb3 For this to work with SSL you need to have a domain name. Then you need to have your server reachable on the open internet at that domain name. And then Let's Encrypt can give you an SSL cert.

r00tb3 commented 6 years ago

@Yossi okay.. so I can use this for MITM attack while in a cafe or college?

How do I redirect to this phishing page?

Will it work with DNS poisoning?

Thanks.

Yossi commented 6 years ago

That's left as an exercise for the reader.

But seriously, don't use this on people without their consent.

r00tb3 commented 6 years ago

@Yossi I've tried but it ain't working. It's giving me the same error on port 80 and port 443 too. It's looking for the accounts.html webpage, which does not exist in the template folder. Should I make changes in the code and redirect to some other webpage?

This accounts.html does not exist..

{ 'name':'main', 'url':'/'},                     # Main page
{ 'name':'accounts', 'url':'/accounts'},         # Grab email
{ 'name':'authenticate', 'url':'/authenticate'}, # Store email/password in .cache
{ 'name':'redirect', 'url':'/redirect'},         # Store email/password/2fa in .sniped, redirects

ustayready commented 6 years ago

@rootb3

The hostname parameter is for your phishing hostname, not what you are trying to clone. The final parameter is the URL for the redirect destination after you phish a user.

An example syntax is: python3 credsniper.py --module gmail --twofactor --port 443 --ssl --verbose --final https://twitter.com/ --hostname fake-gmailsite.com

From there, assuming you already set up your DNS to point fake-gmailsite.com to the IP of the server, Let's Encrypt will be contacted and an SSL certificate for fake-gmailsite.com will be created and saved into the certs/ folder. From there, CredSniper can spin up the web server with the certificates.

r00tb3 commented 6 years ago

@ustayready As you can see from the comments, I'm not forcing SSL and my port is 80, running in a virtual environment; still it doesn't work. As you say, now I've changed the hostname to the IP, i.e. python3 credsniper.py --module gmail --twofactor --port 443 --verbose --final gmail.com --hostname http://192.168.100.10 and it still ain't working.

ustayready commented 6 years ago

@rootb3 Your syntax is off. You are loading the gmail module fine and enabling twofactor phishing, but you are forcing port 443. Your --final is not a URL, so that's going to cause problems later, and --hostname shouldn't be a URL; it should be the external hostname that you specify.

Flask is going to bind to 0.0.0.0 on whatever port you specify. You are binding to port 443. CredSniper is redirecting your browser to SSL because of port 443. If you aren't planning on running SSL then bind to port 80.

r00tb3 commented 6 years ago

So what if I put my VM's hostname, i.e. osboxes in this case?

python3 credsniper.py --module gmail --twofactor --port 80 --verbose --final gmail.com --hostname osboxes

ustayready commented 6 years ago

@rootb3 Let's Encrypt isn't going to be able to reach your internal hostname; it needs to be an external DNS entry. You should set up a hostname for a domain you own and point the IP address to the IP address of the server you are running CredSniper on. It wasn't designed to run on a laptop in a coffee shop and I am not helping you by facilitating.