▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BugBounty: How I Cracked 2FA (Two-Factor Authentication) with Simple Factor Brute-force !!! 😎

1) Generally, OTP is a combination of 4 digits starting from 0000 to 9999. If we count there 10,000 combinations. In the age of powerful computer 10,000 combinations take only a few minutes to process. If OTP verification is not properly managed, anyone can bypass this with a simple brute force.
Why I was able to bypass the 2FA?
No rate limiting on an unsuccessful attempt
No new OTP policy on X unsuccessful attempt

🦑Few prerequisites:

1) Web Browser

2) Burp Suite
Now let's see how I was able to bypass the 2FA with burp suite:-

Step 01: Logged into the website using the mobile number and entered the wrong OTP to intercept on burp suite

Step 02: Sending the verifyOTP API call to the intruder.

Step 03: Selecting the OTP placeholder and add it for simple brute force.

Step 04: Select the Payload tab, changed the payload type to Numbers and change the payload options as desired and clicked on the attack.

Step 05: As the brute force was in progress I could see length for one of the OTP value is changed from 617 to 2250. Lets check:

Hence, The simple brute force was successful.

🦑Cracking Otp-with pic-
> not written by undercode
> wiki source

🦑Stone River eLearning - Common PHP Errors You Will Encounter —165 MB

https://www.oreilly.com/library/view/common-php-errors/100000006A0493/

>Download<

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑CyberScan is an open source penetration testing tool that can analyse packets , decoding , scanning ports, pinging and geolocation of an IP including (latitude, longitude , region , country ...)
> termux-linux

🦑 𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

1)git clone https://github.com/medbenali/CyberScan.git

2)cd CyberScan/

3)python CyberScan.py -v

ARP Ping
$ CyberScan -s 192.168.1.0/24 -p arp
* Starting Ping ARP for 192.168.1.0/24
Begin emission:
Finished to send 256 packets.

Received 0 packets, got 0 answers, remaining 256 packets
ICMP Ping
In other cases we can use ICMP ping:

$ CyberScan -s 192.168.1.1-254 -p icmp
* Starting Ping ARP for 192.168.1.0/24
Begin emission:
Finished to send 256 packets.

Received 0 packets, got 0 answers, remaining 256 packets
TCP Ping
In case when ICMP echo requests are blocked, we can still use TCP:

$ CyberScan -s 192.168.1.1-254 -p tcp -d 80
UDP Ping
Or even UDP (which produces ICMP port unreachable errors from live hosts). We can pick any port which is most likely to be closed, such as port 0:

$ CyberScan -s 192.168..... -p udp

✅@undercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑CyberScan is an open source penetration testing tool that can analyse packets , decoding , scanning ports, pinging and geolocation of an IP including (latitude, longitude , region , country ...)
> termux-linux

🦑 𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

1)git clone https://github.com/medbenali/CyberScan.git

2)cd CyberScan/

3)python CyberScan.py -v

ARP Ping
$ CyberScan -s 192.168.1.0/24 -p arp
* Starting Ping ARP for 192.168.1.0/24
Begin emission:
Finished to send 256 packets.

Received 0 packets, got 0 answers, remaining 256 packets
ICMP Ping
In other cases we can use ICMP ping:

$ CyberScan -s 192.168.1.1-254 -p icmp
* Starting Ping ARP for 192.168.1.0/24
Begin emission:
Finished to send 256 packets.

Received 0 packets, got 0 answers, remaining 256 packets
TCP Ping
In case when ICMP echo requests are blocked, we can still use TCP:

$ CyberScan -s 192.168.1.1-254 -p tcp -d 80
UDP Ping
Or even UDP (which produces ICMP port unreachable errors from live hosts). We can pick any port which is most likely to be closed, such as port 0:

$ CyberScan -s 192.168..... -p udp

✅@undercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁