no sessions captured about qrljacking HOT 16 CLOSED

Try using the "Debug" command before "run": you should see an additional Firefox instance opening with the real WhatsApp page. Now open another Firefox instance on localhost:1337 and scan the QR code. What happens on the other Firefox? Do you see the the WhatsApp web session opening or does it remain on the Qr page?

from qrljacking.

i follow the steps , the other firefox instance open the session , and logedin to my whatsapp , but still recieved no session captured on the tool

from qrljacking.

With "debug" mode is there any new message other than what you posted in the first message? Can you provide a screenshot of the terminal and the two WhatsApp session after you scan the code?

from qrljacking.

no other messages in debug mode , kindly find the attached photos ,

the attached photo no 3 for whatsapp session from the debug , real whatsapp site ,

the other QRcode for the tool

the command i used , python3.7 QrlJacker.py

from qrljacking.

Thanks for the info.
Unfortunately i can't reproduce the problem with the same setup:

For me the code is working correcly.
I can suggest you to do the following:

• repeat the steps you already did
• when you are inside Whatsapp web on the Selenium Firefox instance, go to Menu -> More tools -> Web Developer Tools
• go to "console" tab and enter the following:
  $x("/html/body/div[1]/div/div/div[4]/header/div[1]/div/img")

This code will check if the element with the given XPath exists in the page.
If exists, you should see something like this:

if not you should see just the following message:
Array []

in the latter case please try the following:

• Right Click on your Whatsapp Avatar Image (upper left in the page) and click "inspect"
• on the highlighted code right click -> copy -> Xpath and write here your XPath

from qrljacking.

i follow your step and got empty array like this =====> Array []

here the XPath ===
/html/body/div[1]/div/div/div[3]/div[1]/span/div/span/div/div/div[1]/div/div/span/div

before i install geckodriver , i followd the instruction but get this error
bash: /usr/local/bin/geckodriver: cannot execute binary file: Exec format error

after searching i install it , may be the problem in geckodriver path

from qrljacking.

I'm still not able to reproduce the issue: i tried different browser, different system, different languages and different localisations but the XPath for me remains /html/body/div[1]/div/div/div[4]/header/div[1]/div/img in every test.

As a workaround, i can suggest to change the value of change_identifier variable inside QRLJacker/core/modules/grabber/whatsapp.py and put your XPath. Variable change_identifier must contain the XPath of an element that is present only on the chat web page (not in the QRCode page): when QRLJacker detects this Xpath it means that you went from the page with the QRCode to the chat page (this means you have a valid session).

If you want to dig more you can try different setups as i did (different browser, system, languages...), check if everything is installed correctly on your system, try different python versions (personally i use the last release).
What code do you have for the avatar image? See the <img> tag in my page:

from qrljacking.

thanks for your kindly interest and i really appreciate your support

i changed xpath to change_identifier = '/html/body/div[1]/div/div/div[4]/header/div[1]/div/div/span'

then it work m i can catch the session but , the QRCode dissapear , and not appear any more

from qrljacking.

This is normal: the session is saved and the Selenium Firefox is closed (so you don't have the QR Code on the Phishing page anymore; maybe i will propose a change to make it stealthier). Once you have the session use sessions -l and sessions -i to interact with a specific session. I think this issue can be closed

from qrljacking.

thanks alot , really thanks , one more reques please , how can i use this tool over wan

from qrljacking.

You need to configure a port forwarding rule on your home router to make your local machine reachable from the outside : )

from qrljacking.

i can make port forwarding , but i talk about QRLJacking tool configuration , what should i do

from qrljacking.

Well... nothing: when you use set port 1337 the framework will open a listening port on 0.0.0.0:1337. This address will serve the Web Server with the Phishing page. Address 0.0.0.0 means "any interface" on your machine. So you have to take your local interface IP address (withifconfig, ip addr or any other tool you use on your machine) and forward public port 1337 to internal port 1337 on that local address. When make a connection to your-public-ip:1337 the router will forward the connection to your-local-ip:1337 and you will see the Phishing page. But i think this is beyond the scope of this issue 😅

from qrljacking.

thanks alot it work now very well , one more think if i want to modify the QRL page m what should i do

really thanks for your kindly interest 😅😅😅😅😅😅

from qrljacking.

As the page itself suggest, just modify QRLJacking/QRLJacker/core/templates/phishing_page.html file with your own code. Please if the original problem is solved, close the issue

from qrljacking.

can i modify it with flutter not html , is it possible or i should use html only

from qrljacking.