With b1a2a56ba9d15d0990fc6d4256493d6f2777c555

Google Photos : XXX
Traceback (most recent call last):              
  File "hunt.py", line 114, in <module>
    gpics(gaiaID, client, cookies, cfg)
  File "/GHunt/lib/photos.py", line 97, in gpics
    out = get_source(gaiaID, client, cookies, cfg)
  File "/GHunt/lib/photos.py", line 82, in get_source
    result = wait.until(element_has_substring_or_substring((By.XPATH, "//body"), photos_trigger, no_photos_trigger))
  File "/home/xxx/.local/lib/python3.7/site-packages/selenium/webdriver/support/wait.py", line 80, in until
    raise TimeoutException(message, screen, stacktrace)
selenium.common.exceptions.TimeoutException: Message: 

A basic dockerization. Some notes:

• An user could be created so that the script is executed by a non-root. Decided to keep it easy for now.
• The data.txt should now be under the resources/ folder so that it's easier to mount to Docker.
• Removed the hardcoded data.txt and moved it to the cfg dict.
• This will become way more useful if a GitHub action or any other CI/CD builds it and publishes it to Docker Hub so people can just pull and use it instead of having to build it.

Cheers!

Hi there @mxrch and team and thank you for your work on this tool.

TL;DR: the tool reports that my cookies are fine and then it reports that given email doesn't belong to a google account (as per topic). I may be doing something wrong, but after encountering the tool I have done the following:

1. docker pull
2. ran hunt - learned about the cookies
3. got cookies from the account page (so I have the account, at least on accounts.google.com)
4. ran the check_and_gen script, which said cookies I gave it are valid
5. reran the hunt tool - got the titular message

There were no errors, no warnings:

     .d8888b.  888    888                   888    
    d88P  Y88b 888    888                   888    
    888    888 888    888                   888    
    888        8888888888 888  888 88888b.  888888 
    888  88888 888    888 888  888 888 "88b 888    
    888    888 888    888 888  888 888  888 888    
    Y88b  d88P 888    888 Y88b 888 888  888 Y88b.  
     "Y8888P88 888    888  "Y88888 888  888  "Y888
    
[-] This email address does not belong to a Google Account.

I used FF to get the cookies, am using freshest Docker image with the tool, am running Ubuntu OS. Any pointers?

Docker

• ✅ Link Dockerhub to automate the Docker image build
• ✅ Adapt the Docker build in the Readme for Windows users too

Features

• ✅ Not load cookies by default in Google Photos & Google Maps & Youtube to have a public view and avoiding seeing private informations if we test with our own email. Gonna add options in config.py to load them.
• ✅ (just write for the moment) Add a check to know if the target has a default profile picture or not, and if not, maybe open the image in a new window (will obviously not work on systems with no graphical display like Linux VPS) or find a way to print it directly in the terminal (but can cause incompatibility between terminals), or just print the link. I'll think about what we can do and what's better.
• ✅ Adding the target's Google Calendar if it is in public (it is not by default)
• ✅ Adding support to use scripts from outside the GHunt directory (issue #25)
• Adding the extraction of the phone model associated to the Google Account, in the Password Forgot steps. Without Selenium it is a little hard but I'm studying it, it works with the same type of challenges used in the login, and a code is generated in the requests to let us access it. I already found how to generate the code per accounts, now I'm searching how to activate it, to then just go on the page with the right code activated, which always starts with "AM3QAY", you'll notice it easily. It's the "TL" parameter in the URL. Sometimes Google send a notification in the target's phone when we start the recovery procedure, so this eventual feature will be deactivated by default.
• Adding the last Youtube activity with some stats, and extracts maybe the last 15 comments to analyze them with the JigSaw Perspective API (Jigsaw is a Google division) and calculating the aggressivity of the target.

I'm also thinking about creating a Discord for the reverse-engineering and trying to dig together in the Google code, and why not communicate between the contributors. Let me know what do you think about the Discord or one of the element in the list !

(PS: I just write this to-do so people know what is planned, to avoid issues like #75 )

"[!] Selenium TimeoutException has occured. Please check your internet connection, proxies, vpns, et cetera." error when i write cookies. Please help me.

GHunt$ sudo python3 check_and_gen.py [-] No stored cookies found

Enter these browser cookies found at accounts.google.com :
_Secure-3PSID => 2gfQYh2qGqQzMbOYH-vdik8MeFcTOrBgJ_xdmGXd1WZs
APISID => qKMvZCwrVnExLNVsPYY5Yav2d SAPISID => DCVQhAXmgc-YgqvSFq8hiZKt HSID => ArJEblPhvcg1a

[+] The cookies seems valid! Generating the Google Docs and Hangouts token...

Google Docs Token => AC4w5ViFnxm5Wvoafbu_jhoSg:160313810 Traceback (most recent call last): File "check_and_gen.py", line 126, in auth_token, hangouts_token = get_hangouts_tokens(cookies, driverpath) File "check_and_gen.py", line 61, in get_hangouts_tokens driver = webdriver.Chrome( File "/usr/local/lib/python3.8/dist-packages/seleniumwire/webdriver/browser.py", line 86, in init super().init(*args, **kwargs) TypeError: init() got an unexpected keyword argument 'options'

can you help?

In a nutshell:

• Exposed accounts must change a default setting to stop being exposed.
• Accounts that used Picasa are hopeless.

Read commit details, and file changes for insight.

I set up GHunt by cloning this repo, copying chromedriver to GHunt directory and generating a working data.txt. After that, I made 2 aliases:

alias ghunt='python3 <path-to-hunt.py>'
alias ghunt-gen='python3 <path-to-check_and_gen.py>'

but these aliases won't work unless I call them in the GHunt directory, otherwise Ghunt would complain about missing chromedriver or cookies.

Maybe it would be a good idea if Ghunt can fallback to use config in a dedicated config dir like ~/.config/GHunt or the dir which hunt.py is located in?

after putting the cookies, I had this problem

[+] The cookies seems valid !
Generating the Google Docs and Hangouts token...

Google Docs Token => AC4w5VhWhxu9Y09gB6ZhOlcrRsb8KPGYZQ:1616189634244
Traceback (most recent call last):
  File "check_and_gen.py", line 159, in <module>
    auth_token, hangouts_token = get_hangouts_tokens(cookies, driverpath)
  File "check_and_gen.py", line 68, in get_hangouts_tokens
    driver = webdriver.Chrome(
  File "/home/luc/.local/lib/python3.8/site-packages/seleniumwire/webdriver/browser.py", line 96, in __init__
    super().__init__(*args, **kwargs)
  File "/home/luc/.local/lib/python3.8/site-packages/selenium/webdriver/chrome/webdriver.py", line 73, in __init__
    self.service.start()
  File "/home/luc/.local/lib/python3.8/site-packages/selenium/webdriver/common/service.py", line 98, in start
    self.assert_process_still_running()
  File "/home/luc/.local/lib/python3.8/site-packages/selenium/webdriver/common/service.py", line 109, in assert_process_still_running
    raise WebDriverException(
selenium.common.exceptions.WebDriverException: Message: Service /home/luc/GHunt/chromedriver unexpectedly exited. Status code was: 127

After copying the values asked by the script and putting them in i get "Seems like the cookies are invalid, try regenerating them." Despite doing this several times. Any help?

Traceback (most recent call last):
  File "hunt.py", line 117, in <module>
    confidence, locations = gmaps.get_confidence(reviews, cfg)
  File "C:\Users\hamza\Desktop\GHunt\lib\gmaps.py", line 233, in get_confidence
    location = sanitize_location(location)
  File "C:\Users\hamza\Desktop\GHunt\lib\utils.py", line 29, in sanitize_location
    town = location["municipality"]
KeyError: 'municipality'

I moved the update of the headers dictionary to the beginning of the function, to avoid creating a new dictionary on each iteration of the loop. I replaced the ext_bin_headers dictionary comprehension with a regular loop and an update to the headers dictionary, which should be faster than creating a new dictionary. I replaced the ** operator with the update() method to merge the dictionaries, which is generally faster than using the ** operator.

sometimes the default profile picture detection gives incorrect results, i entered my own email (i have default pic) and ghunt told me that i have custom profile picture. additionally i tested another email that have custom profile picture and ghunt told that is default picture

I get the following error when running ghunt gaia [TARGET GAIA ID] from the terminal, any ideas of what the problem might be?

Traceback (most recent call last): File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/trio/_ssl.py", line 468, in _retry ret = fn(*args) File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/ssl.py", line 974, in do_handshake self._sslobj.do_handshake() ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)

The above exception was the direct cause of the following exception:

Traceback (most recent call last): File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpcore/_exceptions.py", line 10, in map_exceptions yield File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpcore/backends/trio.py", line 80, in start_tls raise exc File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpcore/backends/trio.py", line 77, in start_tls await ssl_stream.do_handshake() File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/trio/_ssl.py", line 640, in do_handshake await self._handshook.ensure(checkpoint=True) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/trio/_ssl.py", line 221, in ensure await self._afn(*self._args) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/trio/_ssl.py", line 610, in _do_handshake await self._retry(self._ssl_object.do_handshake, is_handshake=True) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/trio/_ssl.py", line 473, in _retry raise trio.BrokenResourceError from exc trio.BrokenResourceError

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpx/_transports/default.py", line 60, in map_httpcore_exceptions yield File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpx/_transports/default.py", line 353, in handle_async_request resp = await self._pool.handle_async_request(req) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpcore/_async/connection_pool.py", line 253, in handle_async_request raise exc File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpcore/_async/connection_pool.py", line 237, in handle_async_request response = await connection.handle_async_request(request) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpcore/_async/connection.py", line 86, in handle_async_request raise exc File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpcore/_async/connection.py", line 63, in handle_async_request stream = await self._connect(request) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpcore/_async/connection.py", line 150, in _connect stream = await stream.start_tls(**kwargs) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpcore/backends/trio.py", line 74, in start_tls with map_exceptions(exc_map): File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/contextlib.py", line 153, in exit self.gen.throw(typ, value, traceback) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpcore/_exceptions.py", line 14, in map_exceptions raise to_exc(exc) httpcore.ConnectError

The above exception was the direct cause of the following exception:

Traceback (most recent call last): File "/Users/cboutaud/.local/bin/ghunt", line 8, in sys.exit(main()) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/ghunt/ghunt.py", line 15, in main parse_and_run() File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/ghunt/cli.py", line 31, in parse_and_run process_args(args) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/ghunt/cli.py", line 44, in process_args trio.run(gaia.hunt, None, args.gaia_id, args.json) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/trio/_core/_run.py", line 1946, in run raise runner.main_task_outcome.error File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/ghunt/modules/gaia.py", line 28, in hunt is_found, target = await people_pa.people(as_client, gaia_id, params_template="max_details") File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/ghunt/apis/peoplepa.py", line 169, in people await person._scrape(as_client, person_data) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/ghunt/parsers/people.py", line 150, in _scrape await person_photo._scrape(as_client, photo_data, "profile_photo") File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/ghunt/parsers/people.py", line 60, in _scrape self.isDefault, self.flathash = await is_default_profile_pic(as_client, self.url) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/ghunt/helpers/utils.py", line 63, in is_default_profile_pic flathash = await get_url_image_flathash(as_client, image_url) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/ghunt/helpers/utils.py", line 52, in get_url_image_flathash req = await as_client.get(image_url) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpx/_client.py", line 1757, in get return await self.request( File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpx/_client.py", line 1533, in request return await self.send(request, auth=auth, follow_redirects=follow_redirects) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpx/_client.py", line 1620, in send response = await self._send_handling_auth( File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpx/_client.py", line 1648, in _send_handling_auth response = await self._send_handling_redirects( File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpx/_client.py", line 1685, in _send_handling_redirects response = await self._send_single_request(request) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpx/_client.py", line 1722, in _send_single_request response = await transport.handle_async_request(request) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpx/_transports/default.py", line 352, in handle_async_request with map_httpcore_exceptions(): File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/contextlib.py", line 153, in exit self.gen.throw(typ, value, traceback) File "/Users/cboutaud/.local/pipx/venvs/ghunt/lib/python3.10/site-packages/httpx/_transports/default.py", line 77, in map_httpcore_exceptions raise mapped_exc(message) from exc httpx.ConnectError

Describe the bug $ghunt login Traceback (most recent call last): File "/home/ah/.local/bin/ghunt", line 5, in from ghunt.ghunt import main File "/home/ah/.local/pipx/venvs/ghunt/lib/python3.9/site-packages/ghunt/init.py", line 1, in from ghunt import globals as gb; gb.init_globals() File "/home/ah/.local/pipx/venvs/ghunt/lib/python3.9/site-packages/ghunt/globals.py", line 5, in init_globals from ghunt.objects.utils import TMPrinter File "/home/ah/.local/pipx/venvs/ghunt/lib/python3.9/site-packages/ghunt/objects/utils.py", line 1, in from ghunt.helpers.utils import * File "/home/ah/.local/pipx/venvs/ghunt/lib/python3.9/site-packages/ghunt/helpers/utils.py", line 77, in def ppnb(nb: float|int) -> float: TypeError: unsupported operand type(s) for |: 'type' and 'type'

To Reproduce Step 1: install python 3.11.1 ┌─[[email protected]]─[~/Downloads/Python-3.11.1] └──╼ $python3 -V Python 3.11.1

Step 2: install ghunt per the instructions on the page $ pip3 install pipx $ pipx ensurepath $ pipx install ghunt

Step 3: run command "ghunt login"

System (please complete the following information): Linux Parrot Python 3.11.1

According to the GNU GPL FAQs page (which also applies to the AGPL), a license that limits who can use a program, or for what, is not a free software license.

Thus, this usage restriction statement "Use it only in personal, criminal investigations, pentesting, or open-source projects." in the readme is not compatible with the AGPL.

Though technically, every project that includes AGPL code has to be open-source anyway, but the original AGPL text already includes the "disclose source" requirement.

Solution

This can be resolved by removing the statement "Use it only in personal, criminal investigations, pentesting, or open-source projects." or alternatively by keeping the statement and using a non-free license similar to the AGPL that also allows for software usage restrictions.