Spraying doesn't start due to UnicodeDecodeError

[Ma100Dev]

I have replaced URLs with REDACTED due to privacy concerns. Please tell me if this prevents my issue from being solved.

Command line input and output:

user@pop-os:~/Downloads/o365spray$ python3 o365spray.py --spray -U ../../users.txt -P ../rockyou.txt --count 2 --domain REDACTED

            *** O365 Spray ***            

>----------------------------------------<

   > version        :  3.0.0
   > domain         :  REDACTED
   > spray          :  True
   > userfile       :  ../../users.txt
   > passfile       :  ../rockyou.txt
   > count          :  2 passwords/spray
   > lockout        :  15.0 minutes
   > validate_module:  getuserrealm
   > spray_module   :  oauth2
   > rate           :  10 threads
   > safe           :  10 locked accounts
   > timeout        :  25 seconds
   > start          :  2022-09-29 16:47:37

>----------------------------------------<

[2022-09-29 16:47:37,905] [info] Validating: REDACTED
[2022-09-29 16:47:38,414] [info] [WARNING] The following domain appears to be using O365, but is Federated: REDACTED
	[!] --> ADFS AuthURL: REDACTED
[2022-09-29 16:47:38,414] [info] 

[ ? ]	Switch to the ADFS module for password spraying [Y/n] n
Traceback (most recent call last):
  File "/home/user/Downloads/o365spray/o365spray.py", line 6, in <module>
    main()
  File "/home/user/Downloads/o365spray/o365spray/__main__.py", line 272, in main
    spray(args, output_directory, enum)
  File "/home/user/Downloads/o365spray/o365spray/core/handlers/sprayer/spray.py", line 39, in spray
    passlist += Helper.get_list_from_file(args.passfile)
  File "/home/user/Downloads/o365spray/o365spray/core/utils/helper.py", line 135, in get_list_from_file
    list_ = [line.strip() for line in f if line.strip() not in [None, ""]]
  File "/home/user/Downloads/o365spray/o365spray/core/utils/helper.py", line 135, in <listcomp>
    list_ = [line.strip() for line in f if line.strip() not in [None, ""]]
  File "/usr/lib/python3.10/codecs.py", line 322, in decode
    (result, consumed) = self._buffer_decode(data, self.errors, final)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf1 in position 923: invalid continuation byte

Thank you in beforehand!

[0xZDH]

This error is due to the passwords stored within rockyou.txt - some passwords are not UTF-8 encoded.

I will look into options regarding varying encodings with password/username file handling, but for now if you want to resolve this issue you can do one of two things:

1. Use a modified version of rockyou.txt that does not include the problematic passwords.
2. Locally update the encoding type for the file read handler in o365spray located at: https://github.com/0xZDH/o365spray/blob/master/o365spray/core/utils/helper.py#L134. I believe latin-1 should work with rockyou.txt, but this could potentially cause further issues as I have not tested it myself.

[Ma100Dev]

Option 1 worked as a workaround, haven't tried no 2 yet. I will leave this issue open as the root of the problem in the application remains for now, though.