sherlock-project
False Positives: ArtStation, AllMyLinks, Freelance.habr, GNOME VCS, LibraryThing, Mydramalist, NationStates Nation & Region
Additional info
Usernames used to test:
qwertyzzsdvasdwe13412
MVDJSKBNALHDASLKJ9832
jqzj629
All 3 usernames were reported as false positives on:
https://8tracks.com/ https://hackenproof.com/hackers/ https://www.nitrotype.com/racer/ https://www.producthunt.com/ https://www.strava.com/athletes/ https://www.twitch.tv/
Code of Conduct
- [X] I agree to follow this project's Code of Conduct
True, i can completely confirm same happened for me. i wanna append to this list , the following false positives for me too: [+] SlideShare: https://slideshare.net/ [+] NationStates Nation: https://nationstates.net/nation= [+] NationStates Region: https://nationstates.net/region= [+] ProductHunt: https://www.producthunt.com/ [+] Shpock: https://www.shpock.com/shop/ [+] TLDR Legal: https://tldrlegal.com/users/ [+] Twitch: https://www.twitch.tv/
i checked this ones and in none the actual profile existed. Thanks for your work guys. appreciate.
Hmm, that's super interesting—thanks for reporting this!
Here's what I know: Twitch and ProductHunt always show false positives; no matter where you're testing from — we're working on fixing those. As for the other ones, they might depend on the region you're running Sherlock from. I've checked what Sherlock shows for those usernames from a residential US East IP address and here's what I'm getting:
Screenshot 1
Screenshot 2
Screenshot 3
(consistent HackerEarth, ProductHunt, Reddit, Shpock, SlideShare, Smule, Strava, Twitch, & BabyRU false positives)
(8tracks, HackerProof (Hackers), NitroType, NationStates Nation, NationStates Region, and TLDR Legal* don't return false positives for me)
These don't 100% match with your screenshots. So I'd suggest you to re-run Sherlock with the --dump-response parameter and redirect the output to a file (like this: sherlock --dump-response qwertyzzsdvasdwe13412 > dump_response_output.txt), then send over the contents of the dump_response_output.txt file here — this will help us fix those false positives faster
I tried sherlock --dump-response qwertyzzsdvasdwe13412 > dump_response_output.txt, but it throwed a UnicodeEncodeError, because it tried to write the response from the website, which was in a different language because of my ip, to the text file. sherlock --dump-response qwertyzzsdvasdwe1341 worked (for some reason), but the response was too long so it didn't all fit on the terminal window for me to copy. I had to go to the code in sherlock.py and change from
print(f"ERROR TEXT : {net_info['errorMsg']}")
to
print(f"ERROR TEXT : {str(net_info['errorMsg']).encode('utf-8')}")
to` finally get it to save to the txt file without errors. This could be implemented in the future to allow different languages to be written to the dump file.
Here are the results: dump_response_output.txt
if needed, i could test with a vpn as well
A lot of false positives have been cleared, and I'm not seeing anymore on my end. Let me know if y'all are still experiencing any on your end.
dump response for the 2 sites specifically: out.txt for some reason now it only shows 3 out of the 5 in the prev screenshot in the dump
Still getting false positives on NationStates Nation and NationStates Region every time I run the program. Also a few times I got false positives from ArtStation
NEW false positives
heres what i get when running
sherlock --dump-response qwertyzzsdvasdwe13412 > dump_response_output.txt: