Fix "pip is configured with locations that require TLS/SSL, however the ssl module in Python is not available." In Termux

 Many of Termux users facing issue of pip module when you trying to update or install pip package, it will shows following error - 

WARNING: pip is configured With Locations that require TLS/
SSL. however the SSI module in Python is not available.
WARNING: Retrying (Retry( total-a, connect-Noner read=None,
redirect=None, status=None)) after connection broken by 'SS
connect to HTTPS URL because the SSL module i
s not available. :
/ simple/prettytable/

The main issue is occurring due to missing SSL module. So we required SSL module to use pip. To fix this issue, we need to install openssl package into Termux. So follow these steps to fix this issue.

 

Steps -

1) Update packages

$ apt update && apt upgrade

2) Now install openssl package

$ apt install openssl

3) After installing openssl, check pip is working or not

$ pip install --upgrade pip

4) If there isn't error, Then it means issue is resolved.

If you have any issue related to this post, Please comment below.

 

Also Read -

How to create a ESP8266 Wi-Fi Deauthenticator 

Useful OSINT tool for Bug Hunters - Photon

 

Tags -

#termux #issue #pip #pipissue #ssl

Useful OSINT tool for bug hunters - Photon [2024]

 

OSINT tool is an open source intelligence (OSINT) tool designed to search for subdomains, web archives, and other related information. It works by using Google's API to pull data from the site, then processes it through a number of different filters before presenting it back to the user in a clean and easy-to-read interface.

In this post, we are going to discuss about a OSINT tool - Photon. Photon is a python-based tool which is useful in various purposes like Website cloning, find archive pages and subdomains of any website. 

 

Photon can extract the following data while crawling:

• URLs (in-scope & out-of-scope)
• URLs with parameters
• Intel (emails, social media accounts, amazon buckets etc.)
• Files (pdf, png, xml etc.)
• Secret keys (auth/API keys & hashes)
• JavaScript files & Endpoints present in them
• Strings matching custom regex pattern
• Subdomains & DNS related data

 

Installation

1) Update packages

$ sudo apt update

 

2) Install required packages

$ sudo apt install python git

 

3) Clone Photon from Github

$ git clone https://github.com/s0md3v/Photon

 

4) Install requirements

$ cd Photon

$ sudo pip3 install -r requirements.txt

 

5) Now run this tool

$  python3 photon.py -h

You will see instructions to use Photon

How to Use -

 

1) To find all URLs in any website

You can easily find all URLs including hidden URL by using this -

$ python3 photon.py -u http://testphp.vulnweb.com/ --only-urls

2) To clone website

You can easily clone any website by using this -

$ python3 photon.py -u http://testphp.vulnweb.com/ --clone

3) To find subdomains

You can easily find subdomains and DNS data of any website by using this -

$ python3 photon.py -u http://testphp.vulnweb.com/ --dns

 

Output will be stored in the directory format of website's name.

If you're facing any issues regarding this, please comment below.

Related Information - 

What is Open-Source Intelligence (OSINT)?

OSINT Tools and Techniques

 

Also Read - 

Fix Termux repository related issues [2022]

How to create metasploit payload easily using Linux and Termux

Tags -

#linux #OSINT #tool #termux #subdomain-finder

Top 5 Subdomain Takeover Tools of Github for Linux [2024]

 

Obtaining a subdomain is an attack in which an attacker has complete control over the subdomain. This happens when the provider deletes the web content on the domain but forgets to delete the DNS record.
This error could allow an attacker to gain control of a subdomain, which could allow an attacker to perform any type of attack using that subdomain, including phishing and mapping.
To find out which subdomain is easier to control, you need some tools to find that particular subdomain. That way, you can prevent such attacks. Here are some tools to help you identify subdomains that are easy to adopt.
This will help you find that subdomain. These tools are free to use and display results in less than a minute.

Here are some tools to takover subdomains -


1) subzy

Subzy is a golang tool which helps you to find which subdomain is ready to takeover.

 

Link - https://github.com/LukaSikic/subzy


2) SubOver

SubOver is likewise a Go language based tool. It can undoubtedly identify and report vulnerable subdomain that can easily takeover.

Link - https://github.com/Ice3man543/SubOver


3) takeover

takeover is a Python based tool which recognize a subdomain which is not difficult to takeover.

Link - https://github.com/m4ll0k/takeover


4) subdomain-takeover

This tool also a python based which helps you to find which subdomain is ready to takeover.

Link - https://github.com/antichown/subdomain-takeover


5) subdover

Subdover is a MultiThreaded Subdomain Takeover Vulnerability Scanner Written In Python3, Which has more than 70+ Fingerprints of potentially vulnerable services. Uses CNAME record for verification of findings.

Link - https://github.com/PushpenderIndia/subdover


If you have any query, please comment below.


Also read -

How to do phishing attacks in termux using SocialFish

How to create metasploit payload easily in linux & termux

How to install gui in termux

How to do phishing attack in Termux using SocialFish

Phishing is a very common attack which is used to steal sensitive information such as username, passwords, credit/debit card details, etc.
If you want to do phishing attacks, there are some plenty tools which helps you to do such attacks but there are certain limitations in these tools. Most of the time the phishing pages used in these tools are inaccurate which can be easily identified.
So to overcome this issue, there is a tool which helps you to do phishing attacks with accurate phishing pages and more features. In this post we are going to use a tool called 'SocialFish' - a python based tool for phishing attacks. We are using this tool in termux. So follow below steps to install this tool in termux.



Features of SocialFish -

• Real-time web page cloning

• Simple and interactive UI

• Easy to use

• You can get victim's device details and lot of information

• Track multiple attacks at a time.

Installation


1) First update all packages

 

$ apt update && apt upgrade

2) We need to install required packages

 

$ apt install python git 

3) Now, clone 'SocialFish' repository from github

$ git clone https://github.com/Deadpool2000/SocialFish

4) Goto SocialFish folder

$ cd SocialFish

5) Now we need to install pip packages required for this tool

$ pip install -r requirements.txt

Usage -

1) To use SocialFish, run this command -

$ python SocialFish.py <username> <pass>

for e.g. python SocialFish.py  root  toor

Here 'root' and 'toor' are username & password. You can use any username & password.

2) After this, open your browser and goto this address and login -

0.0.0.0:5000/neptune

3) After this, you will see two input boxes -

    1] The upper one is to clone the page which you want to use in phishing.

 
    2] The lower one is to redirect to another link when a vicitim enter his credentials.

4) So in the first box, we will enter a URL which we want to clone. Here I am using Github's login page for phishing. So here I am gonna use this link - 

'https://github.com/login'

 

 

5) Now in the second box, I am using a redirection link. When victim enters his login credentials on cloned github page, it will redirect to the redirected link. For this, I am using same link so victim thinks that it was an error. So again I am using 'https://github.com/login' for redirection.

 

6) Now click on the button as shown in the picture to make a phishing page -

 

7) Now go back to Termux and send this link to the victim as specified in the picture (IP address is hidden)-

8) As soon as victim click on the link and enter credentials,the phishing page redirected to original link.


9) Now refresh your browser, scroll down and click on 'View'. You will get some plenty information.

10) Here you can see username and password which filled by victim.

 

11) To stop this tool, use 'Ctrl + C'.


That's it.

If you have any problem regarding this post, leave a comment !


Also read -

Create metasploit payload easily in linux and termux

Fix 'repository is under maintenance or down' error in termux

How to install routersploit on Termux [2021]

 

How to fix 'repository is under maintenance or down' Termux issue [2024]

 

 If you try to update packages in latest termux, you will get some plenty errors. 

 

E: The repository 'https://dl.bintray.com/grimler/game-packages-24 games Release' does not have a Release file.
N: Metadata integrity can 't be verified, repository is disabled now.
N: Possible cause: repository is under maintenance or down (wrong sources.list URL?).
E: The repository 'https://dl.bintray.com/grimler/science-packages-24 science Release ' does not have a Release file.
N: Metadata integrity can't be verified, repository is disabled now.
N: Possible cause: repository is under maintenance or down (wrong sources.list URL?)

 

This common error occurs with recent updates to termux. The reason behind this error is that the official termux repository is under maintenance or may not work. Termux developers may working in the official repository.
Therefore, if you need to update the package without error, you need to change the repository to termux. Use a different package repository. Therefore, to resolve this issue, please follow the steps below -

Steps -


1) Run following command on Termux

$ termux-change-repo

2) You will see a dialog box. You need to select all option by pressing 'SPACE' key just like this and hit ENTER -

 

 

 

3) After this, we need to select another repository instead of official repository. So scroll down and select 'Mirrors by Grimler' by pressing 'SPACE' key.

 

4) After pressing ENTER key, Termux packages will update and you wouldn't see any errors. That's it !

 

 

** Important Update - Many people reported that Grimler's Repository is not working, So use A1batross's Repository instead of Grimler's Repository. **

 

If you have any kind of issue regarding this, please leave a comment !


Also read - 

 

How to install routersploit in Termux [2021]

 

How to create metasploit payload easily using linux and termux

How to install Phonesploit on Termux [2021]

 

 

 Phonesploit is a python based tool used for remote ADB (Android Debugging Bridge) exploitation. Using this tool, you can easily exploit any android device from remote ADB and can perform a bunch of tasks on target android device. Formerly, this tool only works on Linux but now you can use this tool on Termux with some easy steps. In this post we are going to use official PhoneSploit repository from github. So follow the steps to install this tool on termux.

Features of PhoneSploit

Access Shell

Screen record victim device

Screenshot a picture on victim device

Pull folders from victim device

Turn victim device off

Uninstall an app

Show real time log of victim device

Dump system info

List all apps on victim

Run an app

Port Forwarding 

NetStat

Grab wpa_supplicant

Turn WiFi On/Off

Show Mac/Inet

Remove Password

Extract apk from app

Use Keycode

Get Battery Status

Get Current Activity

Installation

 

First update all packages

  

apt update && apt upgrade

 

Install required packages

apt install android-tools python git

 

Now clone PhoneSploit repository from github

 

git clone https://github.com/aerosol-can/PhoneSploit

 

Goto PhoneSploit

 

cd PhoneSploit

 

Install pip packages

 

pip install colorama

 

Usage


Make sure that both devices are connected on same network.


Now on target device, make sure that 'USB Debugging' is on. If not, goto "Settings > developer options" and select USB debugging.


Now return back to your attack device and run following commands on Termux -

 

adb tcpip 5555

 

here you can use any port number instead of '5555'


Now identify IP address of target device. To identify it, Goto Settings > About Phone and you will see IP address of target device.


After this, run following command on attacking device

 

adb connect <ip_address_target_device>:<port_number>

 

e.g. adb connect 192.168.1.56:5555  (This is in my case)


Now run PhoneSploit tool using,

 

python phonesploit.py

Now you can run any command from PhoneSploit on target device remotely.

If you have any problem regarding this, leave a comment!

Share this post to your friends.

Also read - Install routersploit on Termux

 

How to install routersploit in Termux without any error [2025]

 

Routersploit is a exploitation framework used for embedded devices, specially for WiFi routers to exploit vulnerabilites. Routersploit is great tool for linux to exploit router's vulnerabilities but if we want to use this tool on Termux, we'll get some plenty errors while installation process. So in this post we are going to install Routersploit on Termux without any errors. Just follow below steps one by one to install this tool.

• Installation

1) First install python to run this tool

$ apt install python

2) Then upgrade pip by typing -

$ pip install --upgrade pip

3) Now we need to run this command to avoid some errors. 

(This is mandatory)

$ export CRYPTOGRAPHY_DONT_BUILD_RUST = 1

4) Now install 'cryptography' package by typing -

$ pip install cryptography

It will take some time to install cryptography

5) Now we are going to install 'routersploit' from pip packages, so type -

$ pip install routersploit

Just wait until complete installation.

6) After this, we need to clone 'routersploit' repository from Github, So type -

$ git clone https://www.github.com/threat9/routersploit

7) Goto 'routersploit' using -

$ cd routersploit

8) Now without doing anything, just run 'routersploit' by typing -

$ python3 rsf.py

That's it ! Now you can use Routersploit on Termux without any issues.

If you still facing the issues related to this tool, leave a comment !

Share this post to your friends -

Also read - Create payload easily in Linux & Termux

How to create metasploit payload easily using Linux and Termux

 Metasploit framework is a well known framework which is mostly used for penetration testing, especially for exploit execution on target machine.

To create a payload in metasploit, we need to manually create a payload by typing long command which is time consuming. So there are some plenty automated tools to create payload in easy way but the problem is many tools only works on Linux or sometime works on Termux. To overcome this issue, there is a tool which can create payload easily and works perfectly on both Linux & Termux. In this post we are going to use a python based tool called 'Paybag' to create payloads.

• Features of Paybag -

1) Simple and easy to use.

2) Works on both Linux & Termux.

3) Can start listener directly from tool. 

4) For Termux users, if you haven't Metasploit, it will download automatically on your system.

5) If you don't know about LHOST, you can select it from table.

• Installation -

1. For Linux users -

1) sudo apt-get install python3 python3-pip net-tools

2) git clone https://github.com/Deadpool2000/Paybag.git

3) cd Paybag

4) sudo pip3 install -r requirements.txt

5) python3 paybag.py 

2. For Termux users -

1) apt install python wget

2) git clone https://github.com/Deadpool2000/Paybag.git

3) cd Paybag

4) pip install -r requirements.txt

5) python paybag.py 

• Usage -

After running this tool, you will get following options -

1) Create a payload

Create a payload by just giving LHOST and LPORT and send it to victim.

All payloads will store in 'payload' folder.

2) Start Listner

After creating payload, just send it to victim & execute it on victim machine. Then select 'Start Listner' and select LHOST from table and enter LPORT which used while creating payload. After this, just wait until you get a successful connection.

3) Launch Metasploit

Using this option, you can launch metasploit directly from the tool.

That's it !

If you have any problem regarding this, leave a comment !

Share this post to your friends -

Also read - How to install Metasploit on Windows 10

Track IP address exact location using Linux & Termux

    If you want to check information of IP address, we always use IP lookup website to check the information of IP address such as location or ISP detail.

These website mostly show inappropriate information or a very limited information. In this post we are going to use a python based tool for IP lookup.

We are using a python tool 'IPicker' to get information of IP address. IPicker is a simple tool which gives us information about IP address and website such as location, ISP details, etc.

-----------------------------------------------------------------------------------------------

Features of IPicker -

1. Get your own IP address information.

2. Get any website's IP Address information.

3. Check IP address location from your browser and Google Maps App.

This tool is tested on Ubuntu and Termux App.

-----------------------------------------------------------------------------------------------

Installation:

1) First we need some packages to run this tool, So type following command -

    $ apt-get install python3 git

2) Now we are going to use IPicker tool for IP-lookup. We need to clone repo from Github, So type -

    $ git clone https://github.com/Deadpool2000/IPicker.git

3) Next, go to the IPicker directory using -

    $ cd IPicker

4) To run this tool, type -

    $ python3 ipicker.py

5) Now you will get two options. First option is to check your own IP information and second is to check other IP lookup.

6) If we select first option, we will get our IP address information with location. You can check your location on Map 

(Termux users will redirect to 'Google Maps' app)

7) If we select second option, you need to enter IP address or URL of any website. So enter IP address or URL and you will get related information.

If you have any problem about this, leave a comment !

Don't forget to share this post to your friends.