Bypassing Two Factor Authentication
Hello guys so today in this blog, I will tell you "How can you bypass two-factor authentication (2FA)?", So let's start...
So Two Factor Authentication is a security process. To use this User requires to provide different ways of verification to identify their identities before they access the account or any system. The two-factor authentication (2FA) provides an additional security layer for the user. The two-factor authentication (2FA) is something that only the user knows such as a password or pin and sometimes it is a mobile device or security token. Whenever the user tries to login into the account or system he or she must provide both identification factors to identify their identities.
There are several types of 2FA listed below:
- SMS-based authentication: In this type of authentication generally the verification code is sent to the mobile device via normal text message.
- Biometric authentication: Biometric authentication needs the user's biometric data like Fingerprint and Face ID.
- Mobile-authentication applications: An authentication app is installed on the user's device that creates a unique code to verify the identity.
- Hardware tokens-based authentication: Verify identity using a physical device.
Now we know what is 2FA, So let's learn about how to bypass it.
There are some pre-requirement for that, First one is you know the User ID and Password you can steal it from your victim using various ways you learn previously. Such as Phishing port forwarding and another type of attacks we covered in our previous blogs and some tools/scripts (advphish, NGROK).
I am performing this attack using Parrot OS, You can also perform this attack using termux on your android device.
To install it on android follow the below steps:
Copy and paste this link into Termux Terminal.
git clone https://github.com/Ignitetch/AdvPhishing.gitChange the Directory.
cd AdvPhishing/Give the executable permission.
chmod 777 *Start the installation process. It asks for a ngrok token so paste the token.
./Android-Setup.shNow it is installed run it.
./AdvPhishing.shTo install it on Linux follow the below steps:
Copy and paste this link into Termux Terminal.
git clone https://github.com/Ignitetch/AdvPhishing.gitChange the Directory.
cd AdvPhishing/Give the executable Permissions.
chmod 777 *Start the installation of the setup. It asks for a ngrok token so paste the token.
./Linux-Setup.shNow it is installed run it.
./AdvPhishing.shNow we have done the installation of tools.
After running the tool it shows you the dashboard and it also shows the sites where you can make the phishing page. Now we are going to create a phishing page on Instagram with the help of following the given steps:
- Enter Choice 3
- It automatically starts the required downloads and starts the NGROK servers.
- Then it gives you the link to send to the victim.
- Whenever the victim enters the username and password. This tool informs you.
- After that this tool will ask for OTP when the victim enters OTP then you can log in using that OTP successfully.
I hope it will help you to learn Ethical Hacking More...!
NOTE: We created this post only for educational purposes! computertipstricks.tech or author of post are not responsible for any suspicious activity of audiences. 👀
Hope this post will help you to know more about Hacking using Android!
0 Comments
Please do not add Any Spam link in Comments !