Error uploading file: 401 about teamsphisher HOT 6 CLOSED

401 means "Unauthorized"... Which is strange given you successfully retrieved the SharePoint token.

at line 326 in the program there is this:

    # Seem to have seen both of these codes for file uploads...
    if content.status_code != 201 and content.status_code != 200:
        p_err("Error uploading file: %d" % (content.status_code), True)

make it look like this and re-run it in order to see the headers and body of the error

    # Seem to have seen both of these codes for file uploads...
    if content.status_code != 201 and content.status_code != 200:
        p_err("Error uploading file: %d" % (content.status_code), True)
        print(content.headers)
        print(content.text)

from teamsphisher.

Same! Do not want to take much of your time but plz if you think of any other way to troubleshoot it let me know please. FYI! I can manually upload files on sharepoint
`Authenticating, verifying files, and uploading attachment

Reading target email list..................................................[+] SUCCESS!
Fetching Bearer token for Teams............................................[+] SUCCESS!
Fetching Skype token.......................................................[+] SUCCESS!
Fetching sender info.......................................................[+] SUCCESS!
Fetching Bearer token for SharePoint.......................................[+] SUCCESS!
Uploading file: .\README.MD................................................[-] Error uploading file: 401`

from teamsphisher.

My bad, make it look like this:

    # Seem to have seen both of these codes for file uploads...
    if content.status_code != 201 and content.status_code != 200:
        print(content.headers)
        print(content.text)
        p_err("Error uploading file: %d" % (content.status_code), True)

The way I had you do it before made the program exit before it printed the headres and text

from teamsphisher.

Same thing dude! I am going to play with the python script to see if I can get it to work! thanks for taking the time to respond

`Configuration:

[-] Sending file link that is accessible by anyone with the link
[-] No delay between messages
[+] Using greeting: Hi, --personalize greeting: Hi ,
[-] Not logging TeamsPhisher output

Operational mode: Sending phishing messages to targets!

Time left to abort: 00

Authenticating, verifying files, and uploading attachment

Reading target email list..................................................[+] SUCCESS!
Fetching Bearer token for Teams............................................[+] SUCCESS!
Fetching Skype token.......................................................[+] SUCCESS!
Fetching sender info.......................................................[+] SUCCESS!
Fetching Bearer token for SharePoint.......................................[+] SUCCESS!
Uploading file: .\README.MD................................................[-] Error uploading file: 401`

from teamsphisher.

You still got no output? As a sanity check, add a prefix to the print statements so you can be sure they are actually executing

# Seem to have seen both of these codes for file uploads...
if content.status_code != 201 and content.status_code != 200:
    print("failed headers: " + str(content.headers))
    print("failed body: " + str(content.text))
    p_err("Error uploading file: %d" % (content.status_code), True)

from teamsphisher.

The issue in this case was that when the user created their AAD tenant they gave the tenant a different 'Organization Name' than their 'Initial Domain Name' like in the below screenshot:

I truthfully didn't know/remember that there were two separate fields there or that someone might make them different. TeamsPhisher uses the 'tenantName' property to resolve the Sharepoint address, so in this case it was looking for Sharepoint at 'myorgname-my.sharepoint.com...' when it really lives at 'myorgnameiscool-my.sharepoint.com'

This has been fixed by now resolving the 'tenantName' by splitting out the domain name from the UPN e.g. '[email protected]' would return 'mycoolorg' as the 'tenantName' field for subsequent use.

User was able to resolve this by going to AAD -> Properties and renaming their tenant to match the domain name.

from teamsphisher.