CredSniper icon indicating copy to clipboard operation
CredSniper copied to clipboard

Published 20 hours ago verified publisher icon ustayready

2FA not working due Exception

Open unl1k3ly opened this issue 7 years ago • 2 comments

Hi,

Thanks to come up with this awesome tool.

2FA does not work. I've tried to spin a new ec2 and it fails when it gets to 2FA (/authenticate) part.

Entire exception is pasted below:

Exception happened during processing of request from ('137.129.114.42', 55298)
Traceback (most recent call last):
  File "/usr/lib/python3.5/socketserver.py", line 313, in _handle_request_noblock
    self.process_request(request, client_address)
  File "/usr/lib/python3.5/socketserver.py", line 341, in process_request
    self.finish_request(request, client_address)
  File "/usr/lib/python3.5/socketserver.py", line 354, in finish_request
    self.RequestHandlerClass(request, client_address, self)
  File "/usr/lib/python3.5/socketserver.py", line 681, in __init__
    self.handle()
  File "/opt/CredSniper/lib/python3.5/site-packages/werkzeug/serving.py", line 293, in handle
    rv = BaseHTTPRequestHandler.handle(self)
  File "/usr/lib/python3.5/http/server.py", line 422, in handle
    self.handle_one_request()
  File "/opt/CredSniper/lib/python3.5/site-packages/werkzeug/serving.py", line 328, in handle_one_request
    return self.run_wsgi()
  File "/opt/CredSniper/lib/python3.5/site-packages/werkzeug/serving.py", line 270, in run_wsgi
    execute(self.server.app)
  File "/opt/CredSniper/lib/python3.5/site-packages/werkzeug/serving.py", line 258, in execute
    application_iter = app(environ, start_response)
  File "/opt/CredSniper/lib/python3.5/site-packages/flask/app.py", line 1997, in __call__
    return self.wsgi_app(environ, start_response)
  File "/opt/CredSniper/lib/python3.5/site-packages/flask/app.py", line 1982, in wsgi_app
    response = self.full_dispatch_request()
  File "/opt/CredSniper/lib/python3.5/site-packages/flask/app.py", line 1612, in full_dispatch_request
    rv = self.dispatch_request()
  File "/opt/CredSniper/lib/python3.5/site-packages/flask/app.py", line 1598, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/opt/CredSniper/modules/gmail/gmail.py", line 53, in authenticate
    triggered = self.trigger()
  File "/opt/CredSniper/modules/gmail/gmail.py", line 155, in trigger
    pass_form.set('Passwd', self.password)
  File "/opt/CredSniper/lib/python3.5/site-packages/mechanicalsoup/form.py", line 258, in set
    raise LinkNotFoundError("No valid element named " + name)
mechanicalsoup.utils.LinkNotFoundError: No valid element named Passwd

Cheers

unl1k3ly avatar Apr 16 '18 18:04 unl1k3ly

If I had to guess, this would be because there's no element on the phishing page (template) named "Passwd" - could you try going through the template and renaming the password field to "Passwd" (I assume by setting its HTML id attribute?) and see if that works?

DakotaNelson avatar Jun 01 '18 16:06 DakotaNelson

So, the 'Passwd' field is requested by Gmail when the user-agent is an older browser and is being set during the trigger() function. This may be because Google changed the form field or is no longer using the deprecated version of their page when a browser is older. The error is being caused when CredSniper attempts to authenticate using the phished credentials so that it can trigger the 2FA for SMS, the older versions of Gmail had a form field called 'Passwd' which CredSniper is not able to find. I will need to look into this further.

ustayready avatar Jul 28 '18 08:07 ustayready