This blog is NOT OFFICIAL website of Kali Linux. We just share Tutorials to learn Cybersecurity.

GHunt -- Know Everything From Email

Information is power. If we have clear knowledge about someone then we can easily win him. Gmail or Google Mail is the most popular mail service in the world almost every person have a Google account or Gmail id. Now we can know a lots of information of anyone from their mail address.

Ghunt-kali linux

To collect someone's account information we use GHunt tool. GHunt is an OSINT tool written in Python3 to extract information from any Google Account using an email on our Kali Linux system. This tool will be very useful to gather information on target user. Then the attack can use these valuable information against the target.

GHunt can collect following information about a person

  • Owner's name.
  • Last time the profile was edited.
  • Google ID.
  • If the account is a Hangouts Bot.
  • Activated Google services (YouTube, Photos, Maps, News360, Hangouts, etc.)
  • Possible YouTube channel.
  • Possible other usernames.
  • Public photos (P).
  • Phones models (P).
  • Phones firmwares (P).
  • Installed softwares (P).
  • Google Maps reviews (M).
  • Possible physical location (M).

Now the (P) marked features requires the target account to have the default setting of Allow the people you share content with to download your photos and videos on the Google AlbumArchive, or if the target has ever used Picasa linked to their Google account.

Those features marked with a (M) require the Google Maps reviews of the target to be public (they are by default).

Installation of GHunt in Kali Linux

To install GHunt in our system we need to clone it from it's GitHub repository by sing following command:

git clone https://github.com/mxrch/GHunt

The following screenshot shows the output of preceding command:

cloning GHunt from GitHub

Now we need to navigate to the GHunt directory by using cd command:

cd GHunt

Here before run the tool we need to install some requirements on our system to run this tool. To do that we use following command:

python3 -m pip install -r requirements.txt

The following screenshot shows installing the requirements process.

GHunt installing requirements

First we need to generate cookies 🍪 and tokens from our exiting Google Account. For that we use following command:

python3 check_and_gen.py

Here we need 4 required cookies. If they are valid, GHunt will generate the Authentication token and the Google Docs & Hangouts tokens.

Generating Cookies for GHunt

Here we suggest to use an empty or new Google Account. We shouldn't give this tool our primary Google Account's information/cookies.

  1. On our new/empty Google Account we need to go to the link https://accounts.google.com then login here if we are not already logged in.
  2. After that, open the Dev Tools window and navigate to the Storage tab (Shift + F9 on Firefox) (It's called "Application" on Chrome). If we don't know how to open it, we just right-click anywhere and click on the "Inspect Element".
  3. Then we'll find every cookie that we need, including the 4 ones.

GHunt cookies collection

Then we need to paste our required cookies on GHunt tool. The cookies are

  • __Secure-3PSID
  • APISID
  • SAPISID
  • HSID
cookies inputting in GHunt
If the cookies are correct & valid then we successfully generate them. After this we are ready to hunt Google Accounts.

GHunt Against Google Accounts

Now we can run this tool. We run this tool against our own mail id for an example. We are hiding some personal details. We run GHunt by following command:

python3 hunt.py our_mail@gmail.com

Then it will show the name and other sensitive information regarding the mail id.

Ghunt on Kali Linux

We can easily found here the Google ID, mobile number, possible YT channels, personal AlbumArchive photos, phone model and firmware, possible locations and much more sensitive information. Which will help us to know more about a target.

How to be Safe

We can keep safe collection of metadata from our Google Photos account.

Given that Google shows "X require access" on our Google Account Dashboard, we might imagine that we had to explicitly authorize another account in order for it to access our pictures; but this is not the case. Any account can access our AlbumArchive (by default):

Google photos Album

Here's how to check and fix the fact that we're vulnerable (which we most likely are).

Now we need to go to https://get.google.com/albumarchive/ while logged in with our Google account. We will be automatically redirected to our correct albumarchive URL (https://get.google.com/albumarchive/OUR-GOOGLE-ID-HERE). After that, we click the three dots on the top left corner, and click on setting.

google album archive settings

Then, we just need to un-check the only option there.

On another note, if our account will also be vulnerable if we have ever used Picasa linked to our Google account in any way, shape or form. For more details on this, we can read PinkDev1's comment on issue#10 in the GitHub.

For now, the only (known) solution to this is to delete the Picasa albums from our AlbumArchive.


Liked our tutorial ? Then Follow our blog from the sidebar. We are also in Twitter and GitHub follow us there, we post updates there. For any problem and questions comment down in the comment section. We always reply.

author-img
Kali Linux

Comments

16 comments
Post a Comment
  • Unknown photo
    UnknownJanuary 3, 2021 at 9:10 PM

    I can't generate cookies and tokens.
    I used "python3 check_and_gen.py" but i got this error:

    Traceback (most recent call last):I'm downloading and installing it for you...
    File "/home/kali/GHunt/check_and_gen.py", line 102, in
    driverpath = get_driverpath()
    File "/home/kali/GHunt/lib/utils.py", line 101, in get_driverpath
    path = chromedriver_autoinstaller.install(cwd=True)
    File "/home/kali/.local/lib/python3.9/site-packages/chromedriver_autoinstaller/__init__.py", line 15, in install
    chromedriver_filepath = utils.download_chromedriver(cwd)
    File "/home/kali/.local/lib/python3.9/site-packages/chromedriver_autoinstaller/utils.py", line 166, in download_chromedriver
    chrome_version = get_chrome_version()
    File "/home/kali/.local/lib/python3.9/site-packages/chromedriver_autoinstaller/utils.py", line 107, in get_chrome_version
    with subprocess.Popen([executable_name, '--version'], stdout=subprocess.PIPE) as proc:
    File "/usr/lib/python3.9/subprocess.py", line 947, in __init__
    self._execute_child(args, executable, preexec_fn, close_fds,
    File "/usr/lib/python3.9/subprocess.py", line 1819, in _execute_child
    raise child_exception_type(errno_num, err_msg, err_filename)
    FileNotFoundError: [Errno 2] No such file or directory: 'google-chrome'

    I don't realy understand this error...
    Could someone please help me?

    ~L

    Delete Comment
    • Kali Linux photo
      Kali LinuxJanuary 6, 2021 at 12:34 PM

      I think that you are using WSL. WSL runs on a separate virtual machine within windows and unless you download google chrome onto that virtual machine it will not be recognized. The program should still work on WSL if you manually install the chromedriver from here: "https://chromedriver.chromium.org/". BTW the chromedriver needs to be installed/extracted into the GHunt folder to work properly.

      Delete Comment
      • Unknown photo
        UnknownApril 26, 2021 at 3:07 PM

        Traceback (most recent call last):
        File "/home/gamezonehacker/Desktop/GHunt/check_and_gen.py", line 196, in
        driver = webdriver.Chrome(
        File "/home/gamezonehacker/.local/lib/python3.9/site-packages/seleniumwire/webdriver.py", line 114, in __init__
        super().__init__(*args, **kwargs)
        File "/usr/lib/python3/dist-packages/selenium/webdriver/chrome/webdriver.py", line 95, in __init__
        RemoteWebDriver.__init__(
        File "/usr/lib/python3/dist-packages/selenium/webdriver/remote/webdriver.py", line 152, in __init__
        self.start_session(capabilities, browser_profile)
        File "/usr/lib/python3/dist-packages/selenium/webdriver/remote/webdriver.py", line 249, in start_session
        response = self.execute(Command.NEW_SESSION, parameters)
        File "/usr/lib/python3/dist-packages/selenium/webdriver/remote/webdriver.py", line 318, in execute
        self.error_handler.check_response(response)
        File "/usr/lib/python3/dist-packages/selenium/webdriver/remote/errorhandler.py", line 242, in check_response
        raise exception_class(message, screen, stacktrace)
        selenium.common.exceptions.WebDriverException: Message: unknown error: cannot parse capability: proxy
        from unknown error: 'noProxy' must be a string
        (Driver info: chromedriver=2.41.578700 (2f1ed5f9343c13f73144538f15c00b370eda6706),platform=Linux 5.10.0-kali3-amd64 x86_64)


        I'm getting this error...kindly help

        Delete Comment
        • Kali Linux photo
          Kali LinuxApril 26, 2021 at 5:40 PM

          You probably have a separate installation of chromedriver installed. Type
          which chromedriver
          command into terminal and see what your computer is using. If it tells you that it's in /home/$username/bin then you either put it there historically or you have homebrew installed or something else. If it's in /usr/bin or /usr/local/bin it's probably from apt so just do a
          sudo apt update && sudo apt upgrade
          and see if it works. If it's from snap, update it with snap. Else, just rename the binary from chromedriver to something else.

          You should probably just have your script download the chromedriver into docker/the cloned repo and use it regardless of whether it is installed or not. It's a pretty tiny file, after all, and people who have another chromedriver somewhere in their PATH will be sort of screwed because the detection mechanism doesn't look to see if the chromedriver version matches with the currently installed primary version of Chrome.

          Delete Comment
          • AnonymousAugust 14, 2021 at 3:49 PM

            [+] The cookies seems valid !
            Traceback (most recent call last):
            File "/root/GHunt/check_and_gen.py", line 196, in
            driver = webdriver.Chrome(
            File "/usr/local/lib/python3.9/dist-packages/seleniumwire/webdriver.py", line 120, in __init__
            super().__init__(*args, **kwargs)
            File "/usr/local/lib/python3.9/dist-packages/selenium/webdriver/chrome/webdriver.py", line 76, in __init__
            RemoteWebDriver.__init__(
            File "/usr/local/lib/python3.9/dist-packages/selenium/webdriver/remote/webdriver.py", line 157, in __init__
            self.start_session(capabilities, browser_profile)
            File "/usr/local/lib/python3.9/dist-packages/selenium/webdriver/remote/webdriver.py", line 252, in start_session
            response = self.execute(Command.NEW_SESSION, parameters)
            File "/usr/local/lib/python3.9/dist-packages/selenium/webdriver/remote/webdriver.py", line 321, in execute
            self.error_handler.check_response(response)
            File "/usr/local/lib/python3.9/dist-packages/selenium/webdriver/remote/errorhandler.py", line 242, in check_response
            raise exception_class(message, screen, stacktrace)
            selenium.common.exceptions.WebDriverException: Message: unknown error: cannot find Chrome binary

            tell me solution of this error please please

            Delete Comment
            • Kali Linux photo
              Kali LinuxAugust 14, 2021 at 7:01 PM

              Your Problem solved here.

              Delete Comment
            • Armaz1 photo
              Armaz1February 6, 2021 at 9:13 PM

              i get the following error when i run the command and yes i do have chromedriver extracted in the GHunt folder pls help

              python check_and_gen.py
              File "check_and_gen.py", line 114
              cookies[name] = input(f"{name} => ").strip().strip('\"')
              ^
              SyntaxError: invalid syntax

              Delete Comment
            • The Reporter photo
              The ReporterApril 6, 2021 at 10:35 PM

              please help,
              can't open file '/root/Desktop/GHunt/hunt.py'

              Delete Comment
            • Unknown photo
              UnknownApril 26, 2021 at 10:24 PM

              Hello,
              which chromedriver
              /usr/bin/chromedriver
              Thanks for the reply. But its still showing me the same error even after doing sudo apt update && sudo apt upgrade.


              Delete Comment
              • Kali Linux photo
                Kali LinuxApril 28, 2021 at 5:38 PM

                It looks the latest chromedriver missing on your system. You should probably just have your script download the chromedriver into docker/the cloned repo and use it regardless of whether it is installed or not. It's a pretty tiny file, after all, and people who have another chromedriver somewhere in their PATH will be sort of screwed because the detection mechanism doesn't look to see if the chromedriver version matches with the currently installed primary version of Chrome.

                Delete Comment
              • AnonymousMay 29, 2021 at 6:05 PM

                HI,
                I USED THIS python3 check_and_gen.py command i am getting following error


                root@kali:~/GHunt# python3 check_and_gen.py

                Traceback (most recent call last):

                File "check_and_gen.py", line 10, in

                from seleniumwire import webdriver

                ModuleNotFoundError: No module named 'seleniumwire'

                root@kali:~/GHunt#

                Delete Comment
                • Kali Linux photo
                  Kali LinuxMay 30, 2021 at 1:17 PM

                  Install seleniumwire by using following command then try it again.

                  sudo pip3 install selenium

                  Delete Comment
                • AnonymousAugust 16, 2021 at 10:48 AM

                  [+] The cookies seems valid !
                  Traceback (most recent call last):
                  File "/root/GHunt/check_and_gen.py", line 196, in
                  driver = webdriver.Chrome(
                  File "/usr/local/lib/python3.9/dist-packages/seleniumwire/webdriver.py", line 120, in __init__
                  super().__init__(*args, **kwargs)
                  File "/usr/local/lib/python3.9/dist-packages/selenium/webdriver/chrome/webdriver.py", line 76, in __init__
                  RemoteWebDriver.__init__(
                  File "/usr/local/lib/python3.9/dist-packages/selenium/webdriver/remote/webdriver.py", line 157, in __init__
                  self.start_session(capabilities, browser_profile)
                  File "/usr/local/lib/python3.9/dist-packages/selenium/webdriver/remote/webdriver.py", line 252, in start_session
                  response = self.execute(Command.NEW_SESSION, parameters)
                  File "/usr/local/lib/python3.9/dist-packages/selenium/webdriver/remote/webdriver.py", line 321, in execute
                  self.error_handler.check_response(response)
                  File "/usr/local/lib/python3.9/dist-packages/selenium/webdriver/remote/errorhandler.py", line 242, in check_response
                  raise exception_class(message, screen, stacktrace)
                  selenium.common.exceptions.WebDriverException: Message: unknown error: cannot find Chrome binary

                  explain this problem solution in clear
                  explain this problem solution properly.
                  please tell full solution step by step
                  please please

                  Delete Comment
                google-playkhamsatmostaqltradent