Bypass any OTP

BYPASS ANY OTP
GREG TYLER
(HACKERS PATHWAY TO BYPASSING ANY OTP)
A STEP-BY-STEP GUIDE.
COPYRIGHT NOTICE
This book must not be copied or reproduced in any format. Any unauthorized
use, distribution, or reproduction of this eBook is strictly prohibited. ©
Copyright 2022, All rights reserved.
LIABILITY DISCLAIMER
The information provided in this book is to be used for educational purposes
only. Knowledge is power; please do not abuse the knowledge you gain from this
book. The creator of this book is in no way responsible for any misuse of the
information provided in this book. All of the information presented in this
book is meant to help cyber professionals develop a hacker-defense attitude. In
no way shall the information provided here be used to cause any kind of damage,
directly or indirectly. I emphasize strictly that this is for ethical hackers.
You implement all of the information in this book at your own risk.
ACKNOWLEDGMENT
This book is aimed at advanced hackers, but even a beginner should be able to
use the tools and follow what is going on. If you get confused or stuck, treat
it as an opportunity to learn more.
Preface
OTP stands for one-time password, a term you should already be familiar with
before picking up this book, since the book shows you how the OTPs you will
meet in the future get bypassed. First we will see how an OTP works and the
different approaches to generating OTPs, then the tools involved.
CHAPTER 1: HOW OTP (2FA) WORKS
What is an OTP (one-time password)?
Are you kidding me? You don't know what an OTP is, and you picked up this
book? Maybe you know it from a different context. An OTP (one-time password)
is the code most commonly used as the second factor in two-factor
authentication (2FA), also known as two-step authentication or two-step
verification, a way of protecting online accounts.
You put in your normal password, which is the first "factor" used to
authenticate you. The OTP is the second factor.
A one-time password system provides a mechanism that automatically generates
a unique password for logging on to a network or website that can be used only
once and only within a short period of time.
DIFFERENT APPROACHES TO THE GENERATION OF OTPs
There are different ways for the user to learn the next OTP to use. Some
systems use special electronic security tokens that the user carries, which
generate OTPs and show them on a small display. Other systems use software
that runs on the user's mobile device (an authenticator app). Still other
systems generate the OTP on the server side and send it to the user over an
out-of-band channel such as SMS (a text message to their phone), which is the
most widely used method today and, as the later chapters show, the weakest.
In some systems, OTPs are printed on paper (backup or scratch codes) that the
user has to carry and protect.
In some mathematical-algorithm schemes, it is also possible for the user to
provide the server with a static key for use as an encryption key, by sending
only a one-time password.
OTP generation algorithms usually start from a random shared secret (the
"seed"), established once between the token and the server, and derive each
code with a cryptographic hash function: the counter-based HOTP algorithm (RFC
4226) computes an HMAC over the secret and a counter and truncates it to six
or eight digits, and the time-based TOTP algorithm (RFC 6238) does the same
with the current 30-second time step as the counter. Because the hash cannot
be reversed, an attacker who sees previous codes cannot recover the secret.
This is necessary; otherwise it would be easy to predict future OTPs by
observing previous ones.
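As an added example (not code from the book), here is the HOTP/TOTP computation the paragraph above describes, in Python with only the standard library, together with a server-side verifier that enforces the two properties chapter 1 attributes to an OTP, single use and a short validity window, plus an attempt limit. The seed is the RFC 4226/6238 test-vector seed, the timestamps are constructed to match the RFC 6238 table, and the verifier's window, single-use and lock-out rules are an assumption about how a careful relying party should behave, not part of the RFCs.

```python
"""HOTP (RFC 4226) and TOTP (RFC 6238) with a careful server-side verifier.

Added example, not code from the book. The seed is the RFC test-vector seed
("12345678901234567890"), the timestamps are constructed to match the RFC 6238
table, and the verifier's window, single-use and lock-out rules are an
assumption about how a relying party should behave, not part of the RFCs.
"""
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6, algo=hashlib.sha1) -> str:
    """RFC 4226: HMAC(secret, 8-byte counter), dynamic truncation, 'digits' decimal digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), algo).digest()
    offset = mac[-1] & 0x0F                                   # low nibble of last byte selects the slice
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6, algo=hashlib.sha1) -> str:
    """RFC 6238: HOTP with the counter replaced by floor(unix_time / step)."""
    return hotp(secret, unix_time // step, digits, algo)


class TotpVerifier:
    """Server side. Enforces what chapter 1 says an OTP must be: usable once, for a short time.

    skew=1 accepts the current 30 s step and one step either side (clock drift), so a code is
    live for at most ~90 s; a step that has been accepted is never accepted again (replay of an
    intercepted code fails); MAX_ATTEMPTS bad codes lock the verifier (10^6 guesses is cheap).
    """
    MAX_ATTEMPTS = 5

    def __init__(self, secret: bytes, step: int = 30, digits: int = 6, skew: int = 1):
        self.secret, self.step, self.digits, self.skew = secret, step, digits, skew
        self.last_accepted_step = -1
        self.failures = 0

    def verify(self, code: str, now: int) -> bool:
        if self.failures >= self.MAX_ATTEMPTS:
            return False                                      # locked; require a stronger re-auth
        current = now // self.step
        for candidate in range(current - self.skew, current + self.skew + 1):
            if candidate <= self.last_accepted_step:
                continue                                      # already consumed (or older): dead
            expected = hotp(self.secret, candidate, self.digits)
            if hmac.compare_digest(expected, code):           # constant-time comparison
                self.last_accepted_step = candidate
                self.failures = 0
                return True
        self.failures += 1
        return False


RFC_SEED = b"12345678901234567890"      # RFC 4226 / RFC 6238 test-vector seed, used as sample data


def demo() -> dict:
    """Reference values plus the single-use behaviour; compare the first two with the RFC tables."""
    v = TotpVerifier(RFC_SEED)
    t = 1_111_111_109                    # sample time from the RFC 6238 table (step 0x23523EC)
    code = totp(RFC_SEED, t)
    return {
        "hotp_counter_0": hotp(RFC_SEED, 0),                  # RFC 4226 table: 755224
        "totp_8_digits": totp(RFC_SEED, t, digits=8),         # RFC 6238 table: 07081804
        "first_use": v.verify(code, t),                       # True
        "replay_same_code": v.verify(code, t),                # False: that step is consumed
        "next_step": v.verify(totp(RFC_SEED, t + 30), t + 30),  # True: fresh step
    }


def lockout_demo() -> bool:
    """Five wrong guesses, then the correct code: the verifier stays locked."""
    v = TotpVerifier(RFC_SEED)
    for _ in range(TotpVerifier.MAX_ATTEMPTS):
        v.verify("000000", 59)
    return v.verify(totp(RFC_SEED, 59), 59)                   # False


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
    print("after lock-out, correct code accepted:", lockout_demo())
```

Run it and compare the first two values with the RFC tables. The point for the rest of the book: a code read off an SMS is worthless once anyone has used it, and is only live for about 90 seconds in total, so every attack in chapter 2 is about getting the code to the attacker before the victim types it, not about recovering the seed.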
On the downside, OTPs can be intercepted or rerouted, and hard tokens can get
lost, damaged, or stolen. We will see the vulnerabilities of OTP, and some of
the approaches put in place to enhance web security, in the upcoming chapters
of this book.
CHAPTER 2: DIFFERENT APPROACHES TO
DESTROYING OTP
In this chapter, we will look at different techniques to bypass OTP; there are
many ways to get the job done. We will look at techniques from the easiest to
the almost impossible, and I will be revealing everything in this chapter:
1. social engineering
2. malware approach (tools)
3. SIM swap and SS7 attacks
1. Social engineering:
Social engineering is a hacking technique that involves psychologically
manipulating and tricking an individual into revealing confidential
information such as passwords, user names, dates of birth, etc., which can be
used to breach security systems or steal funds, or into giving access to their
computer so that malicious software can be installed, which gives the attacker
their passwords and bank details as well as control over the computer. Social
engineers often pose as people from a technical support team, or as people who
want to help you or do you a favour. This is one simple way that an OTP gets
out of hand: the victim reads the code out to the attacker.
Example
Attacker: Hi, this is Jane from your bank. I believe I'm talking to Elvis?
Victim: Yes.
Attacker: We are running maintenance on your account, and when we are done we
will send you a code to verify that the service is back and working perfectly,
OK?
Victim: OK, thank you.
A few minutes later the victim receives a text message (the attacker has just
triggered a login or a transaction, and the bank has sent the victim the real
OTP for it).
Attacker: Hi Elvis, we just sent you a code to verify that the service is back
to normal on your account. Can you please read the code out to me?
Victim: OK...
Angel Gabriel: please don't do this, that's your OTP.
This is just a textbook example of social engineering, and people are wiser
these days, so it might not come like this. Social engineers now use people's
greed against them, offering things the easy way. Watch out.
Counter attack
Verify the source of every request: contact the company directly through a
number or address you already have, not one given to you in the message, and
don't be in a haste; these requests usually come with a sense of urgency. If
you're not sure about a request, report the incident immediately.
Never read an OTP out to anyone: a bank or service will never ask you for it
over the phone, because the code exists only to prove that you, and not a
caller, are present at the login or transaction.
Ask for ID: insist that these impostors verify themselves.
Secure your devices: install anti-virus software and keep it up to date.
2. Malware approach (tools):
Malware, from "malicious software", means programs that execute unauthorized
actions on the victim's computer, infecting it and giving the attacker access
without the user's consent.
How malware can steal an OTP (2FA code)
The attacker places a malicious link, file, or attachment in front of the
victim, often as a phishing email built with social engineering tactics.
The victim opens the infected file, which installs the malware on their
computer or phone.
The malware then steals the OTP: on a phone, an SMS-reading trojan forwards
incoming codes to the attacker; on a computer, a banking trojan or information
stealer captures what the victim types or injects itself into the browser
session. When the attacker sees the victim is online he triggers a
transaction, and sometimes he also compromises or destroys sensitive data
stored on the victim's system.
Counter attack
Update your operating system and apps: failing to update on a regular basis
leaves your device exposed to exploits for bugs that are already publicly
known and patched.
Beware of suspicious links and attachments, in phishing emails and on
malicious websites. This is why everyone needs a virtual machine these days:
open untrusted files there, not on the machine you bank from.
Use ad blockers: cybercriminals can use malicious ads and pop-ups to deliver
spyware that reads your messages and your OTPs in particular.
Use anti-virus software: this cannot be overemphasized. Use anti-virus
software and malware scanners from legitimate and trusted vendors.
On a phone, check app permissions: an app that has no business reading SMS
should not hold the SMS permission, and codes generated inside an
authenticator app cannot be read by an SMS stealer at all.
Monitor your network and disk: when data or disk space is being used for no
reason you can see, malware could be at work; check your usage statistics.
Disconnect if you fall victim: if you fall victim to an attack, disconnect
from the internet and temporarily log out of your online accounts.
3. SIM swap and SS7 attacks:
You now live in a world where hackers can track your every move, listen to
your calls, read your texts, drain your bank account, and so on, all without
leaving their rooms, although the knowledge requires a lot of effort.
This is the world you live in because of weaknesses in the SS7 protocol. This
book groups two different attacks under one heading, and it is worth keeping
them apart: in a SIM swap, the attacker social-engineers (or bribes) your
carrier into moving your phone number to a SIM the attacker holds, so every
SMS OTP is delivered to the attacker's phone; in an SS7 attack, the attacker
has access to the carriers' signalling network and reroutes your SMS and calls
without you or your carrier changing anything. Both end the same way: the SMS
with your OTP lands in the attacker's hands. The SS7 side is explained in more
detail in the later chapters, together with the tools involved.
SS7 (Signalling System 7) is the set of signalling protocols used by mobile
carriers and networks all over the world to set up and route calls and text
messages between networks, to keep track of which network a roaming subscriber
is currently on, and to bill one operator for services performed for another
operator's customer. It is what makes roaming possible, as well as calling or
texting when you are not in the coverage of one of your own carrier's cell
towers.
An SS7 attack allows hackers to read text messages, listen to phone calls, and
track mobile phone users' locations with nothing more than the target's phone
number, because the signalling network trusts any connected party that claims
to be a carrier.
Hacking into SS7 gives attackers the same capabilities as mobile operators and
intelligence agencies.
SS7 attacks can also be used to defeat the SMS verification that encrypted
messengers rely on; this flaw was uncovered and publicly demonstrated by the
German security researcher Karsten Nohl.
We can see clearly the implication of hackers and cybercriminals tapping into
that kind of data, and this is exactly what is going on, with just your phone
number, which is an easily obtainable piece of information for anyone who is
desperate for it.
Anyone who has access to SS7 can do the following:
Forward your calls
Record your calls
Listen to your calls
Receive your SMS (messages)
Read SMS text messages sent between devices
Track the location of a phone
So is your OTP (2FA code) still hidden?
And the main point here is that because SS7 allows attackers to receive your
SMS messages, they can pass the SMS verification of services such as WhatsApp,
Telegram and Facebook and register your account on a device they control. This
does not break the end-to-end encryption itself; it takes over the account
that the encryption protects, and most especially it defeats SMS-based
two-factor authentication.
In a scenario where you want to log into Facebook on a new device, you likely
need to fill in a password and a second code, which is usually sent to you via
SMS. Because SS7 exploits allow reading such text messages, attackers can
obtain that code and then log into your account with your credentials. Using
such an approach, cybercriminals have been able to steal money from banks and
other financial institutions.
Counter attack
You cannot fix the carriers' network, so the only real defence against these
attacks is to take SMS out of the loop. Avoid using SMS as a second factor: for
more reliable two-factor authentication, use a hardware token or an
authenticator app, whose codes are generated on the device and never travel
over the phone network, or better still a FIDO2/WebAuthn security key or
passkey, which is bound to the real site. For conversations, prefer end-to-end
encrypted chat and VoIP over regular calls and SMS; you can do away with
regular telephony and SMS altogether. Against SIM swapping specifically, ask
your carrier for a port-out or account PIN so that the number cannot be moved
with one phone call, and treat a phone that suddenly loses signal as a warning
sign. Any attacker who controls your phone number controls every account that
still uses it for login or recovery, so remove the number from account
recovery wherever you can.
CHAPTER 3: TOOLS FOR BYPASSING OTP (2FA)
This chapter will outline the tools and software that can enable you to carry
out a successful attack on OTP, aka 2FA (two-factor authentication).
Computer: yes, you first need a computer. When it comes to this material you
cannot do much on a mobile phone, in case you were tempted to think that a
smartphone alone will let you run these tools; get a laptop or desktop.
Device specification
Any desktop or laptop computer with 4 GB of RAM and more than 50 GB of disk is
enough, but more is always better.
Kali Linux: Kali Linux is the operating system that is usually considered the
hacker's operating system, because it ships almost all the hacking tools you
will ever need and you can easily add more from its repositories.
How to install Kali Linux
If you are already running Kali Linux, then bravo, you can move on.
Installing Kali Linux can be pretty challenging for some people doing it for
the first time, but don't worry, here is a quick step-by-step guide. If you
already have Kali Linux or know how to do this, skip this section and move
on.
Step 1
Get your bootable media ready and choose "Graphical install", to keep things
simple.
Step 2
Choose your language, or a language you can read and understand.
Step 3
Choose your geographical location.
Step 4
You can simply choose "kali" as your hostname.
Step 5
This is an optional domain name for the system to use by default; you can
research this or just continue.
Step 6
Provide a full name for the new user account.
Step 7
Based on the name chosen in the previous step a username will be assigned by
default; accept it or change it, then set a strong password for the account.
Step 8
Choose your time zone.
Step 9
Choose "Guided - use entire disk".
Step 10
Select the disk to be partitioned.
Step 11
Choose "All files in one partition".
Step 12
Confirm the partitioning; this is the point of no return, as the changes are
written to the disk.
Step 13
Choose "Yes" if you want to be able to install packages from the Kali
repositories over the network.
Step 14
Install GRUB to the disk you installed to.
Step 15
The Kali Linux installation is complete; click "Continue" to reboot into your
new operating system.
And there it is. Installing Kali Linux is easier than opening a new Facebook
account: nobody asks for your phone number or email.
SS7 SDK:
The book points you to "any SS7 SDK" on GitHub without naming one, so treat
this item with care. An SS7 stack (an open-source SIGTRAN/SCCP/MAP
implementation of the kind found on GitHub) only gives you software that speaks
the protocol. An actual SS7 attack additionally needs a connection into the
signalling network, which is obtained through a carrier or an interconnect
provider, not downloaded. That is the part this book does not and cannot hand
you, and it is why this is the "almost impossible" technique of chapter 2.
Modlishka:
Modlishka is a phishing tool that can be used to bypass OTP. It is a Go-based
reverse proxy that sits between the victim's browser and the real site: the
victim sees the real login page served through the attacker's domain, types
the password and then the OTP, and Modlishka relays both to the real site in
real time and keeps the resulting session cookie. The "2FA support" that sets
it apart from older phishing kits is exactly this relaying; it does not break
the OTP, it uses it once, within its validity period, before the victim does.
It is easy to configure and gives the attacker control over all the traffic
from the target's browser. Its limit is also clear: a factor that is bound to
the site's origin (a FIDO2/WebAuthn security key or passkey) refuses to work on
the proxy's domain. You can read more about this tool, and how to install and
use it, in the project's README on GitHub.
gr-gsm:
gr-gsm is a set of GNU Radio blocks and tools for receiving and decoding the
GSM radio interface (the air link between a phone and a base station), written
by Piotr Krysik and based on the gsm-receiver from the Airprobe project. The
book calls it an "SS7 tool", but it has nothing to do with SS7: it listens to
the radio through a software-defined radio (an RTL-SDR dongle, a HackRF or
similar) and decodes the broadcast and control channels it can see. On a
modern network the traffic it captures is encrypted with A5/1 or A5/3 and
gr-gsm does not recover the key, so on its own it does not hand you anyone's
SMS. You can install it from its repository or from your distribution's
packages; the links below explain how to use it.
CHAPTER 4: STEP-BY-STEP GUIDE TO BYPASS
OTP USING MODLISHKA
In the previous chapter I explained what Modlishka is and what it can do, so
in this chapter I will outline a quick step-by-step guide to installing it.
First step
Install Modlishka from GitHub. The original README used the GOPATH route:
go get -u github.com/drk1wi/Modlishka
cd $GOPATH/src/github.com/drk1wi/Modlishka/
Note that "go get -u" no longer fetches repositories this way on current Go
toolchains, so on a recent Kali use the clone-and-make route in the second
step instead. Either way, ./dist/proxy -h prints every option; it is a good
map to everything the application can do.
Second step
Fetch the source
Fetch the latest source code from GitHub:
$ git clone https://github.com/drk1wi/Modlishka
Then compile
Run the following command inside the cloned directory:
make
You can also compile for one of the predefined targets:
make linux
make windows
make freebsd
Then run the proxy
If everything compiled properly, you should have a compiled Modlishka binary
in the 'dist' folder. Execute the binary and review the available options
using:
./dist/proxy -h
A very helpful command.
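Modlishka works because a password and a TOTP or SMS code are just strings: the proxy forwards them to the real site and the site cannot tell who typed them. The added example below (not Modlishka's code, nor any vendor's WebAuthn library) models why the same reverse-proxy trick fails against the origin-bound factor chapter 5 recommends, a FIDO2/WebAuthn key or passkey: the browser, not the page, writes its own origin into the signed client data and refuses an rpId that is not a parent of that origin, and the relying party checks challenge, origin, rpIdHash and signature before accepting. Assumptions: the domains, challenge and credential are constructed; the authenticator's ECDSA signature is stood in for by an HMAC over a shared per-credential secret, which is not how real keys work but keeps the example dependency-free; the rpId suffix check ignores the public-suffix list.

```python
"""Why a reverse-proxy phishing kit relays a TOTP but not a WebAuthn assertion.

Added example, not Modlishka's code or any real WebAuthn library. Domains,
challenge and credential are constructed; the authenticator's ECDSA signature
is modelled as HMAC-SHA256 over a per-credential secret (an assumption that
keeps the example dependency-free); the rpId suffix check ignores the public
suffix list.
"""
import hashlib
import hmac
import json
import os
from urllib.parse import urlparse

RP_ID = "bank.example"                                   # the site's relying-party id (constructed)
RP_ORIGIN = "https://bank.example"                       # the only origin the site accepts
PHISH_ORIGIN = "https://bank-example.login-verify.net"   # the proxy's domain (constructed)
CRED_SECRET = b"per-credential-secret-standing-in-for-the-private-key"   # assumption, see above


def browser_get_assertion(origin: str, rp_id: str, challenge: str):
    """Model of navigator.credentials.get(). The browser, not the page, fills in 'origin'
    from the URL bar and refuses an rpId that is not the origin's host or a parent domain."""
    host = urlparse(origin).hostname
    if not (host == rp_id or host.endswith("." + rp_id)):
        return None                                     # a real browser throws SecurityError
    client_data = json.dumps(
        {"type": "webauthn.get", "challenge": challenge, "origin": origin}, sort_keys=True
    ).encode()
    rp_id_hash = hashlib.sha256(rp_id.encode()).digest()
    auth_data = rp_id_hash + bytes([0x05]) + (0).to_bytes(4, "big")   # flags UP|UV, sign count
    to_sign = auth_data + hashlib.sha256(client_data).digest()
    signature = hmac.new(CRED_SECRET, to_sign, hashlib.sha256).digest()
    return {"clientDataJSON": client_data, "authenticatorData": auth_data, "signature": signature}


def rp_verify(assertion: dict, expected_challenge: str):
    """Relying-party side: the checks WebAuthn requires before a login is accepted."""
    cd = json.loads(assertion["clientDataJSON"])
    if cd.get("type") != "webauthn.get":
        return False, "wrong ceremony type"
    if not hmac.compare_digest(cd.get("challenge", ""), expected_challenge):
        return False, "challenge mismatch (replayed or cross-session assertion)"
    if cd.get("origin") != RP_ORIGIN:
        return False, "origin %s not allowed" % cd.get("origin")
    ad = assertion["authenticatorData"]
    if ad[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return False, "rpIdHash mismatch"
    if not ad[32] & 0x01:
        return False, "user presence flag not set"
    to_sign = ad + hashlib.sha256(assertion["clientDataJSON"]).digest()
    expected = hmac.new(CRED_SECRET, to_sign, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, assertion["signature"]):
        return False, "bad signature"
    return True, "ok"


def legit_login():
    challenge = os.urandom(16).hex()                     # RP issues a fresh challenge
    return rp_verify(browser_get_assertion(RP_ORIGIN, RP_ID, challenge), challenge)


def proxy_phish():
    """Proxy forwards the real page untouched: its script asks for rpId 'bank.example'
    while the victim's browser is on the phishing origin. The browser refuses outright."""
    challenge = os.urandom(16).hex()                     # RP -> proxy -> victim
    assertion = browser_get_assertion(PHISH_ORIGIN, RP_ID, challenge)
    if assertion is None:
        return False, "browser refused: rpId is not a parent of the phishing origin"
    return rp_verify(assertion, challenge)


def proxy_phish_rewritten_rpid():
    """Proxy rewrites the page so rpId matches its own host. The browser signs now, but over
    the phishing origin and rpIdHash, and the relying party rejects the relayed bytes."""
    challenge = os.urandom(16).hex()
    assertion = browser_get_assertion(PHISH_ORIGIN, urlparse(PHISH_ORIGIN).hostname, challenge)
    return rp_verify(assertion, challenge)


def proxy_phish_tampered():
    """Proxy patches origin and rpIdHash to look legitimate before relaying; it cannot re-sign."""
    challenge = os.urandom(16).hex()
    assertion = browser_get_assertion(PHISH_ORIGIN, urlparse(PHISH_ORIGIN).hostname, challenge)
    assertion["clientDataJSON"] = assertion["clientDataJSON"].replace(
        PHISH_ORIGIN.encode(), RP_ORIGIN.encode())
    assertion["authenticatorData"] = (
        hashlib.sha256(RP_ID.encode()).digest() + assertion["authenticatorData"][32:])
    return rp_verify(assertion, challenge)


if __name__ == "__main__":
    print("legitimate login:     ", legit_login())
    print("proxied page as-is:   ", proxy_phish())
    print("proxy rewrote rpId:   ", proxy_phish_rewritten_rpid())
    print("proxy patched fields: ", proxy_phish_tampered())
```

Each scenario fails at a different layer: the browser itself, then the origin check, then the signature. Compare this with the OTP the chapter is about, which carries no origin at all; the relying party receives six digits and has no way to know they passed through a proxy, which is why migrating accounts to a WebAuthn factor is the practical answer to this class of tool.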
CHAPTER 5: DEFENDING AGAINST OTP
BREACH FROM THIS ATTACK
When it comes to defending yourself against the SS7 attack, you first have to
accept that you cannot patch the flaw. SS7 is the communications protocol used
by all mobile carriers and networks all over the world; the weakness is in the
network, not in your phone, and there is no setting on your device that closes
it. The SS7 attack takes advantage of flaws that are outside your control.
What you can do is stop depending on the channel. Stop using regular calls and
text messages for anything that matters, and above all stop letting SMS carry
your second factor: move every account you can to an authenticator app, a
hardware token, or a FIDO2/WebAuthn security key or passkey, and remove your
phone number from account recovery. An attacker who intercepts your SMS then
has nothing to use. You don't even have to own a SIM card, because any
attacker with your number can reach every account that still trusts that
number, unless you are not a target at all.
CHAPTER 6: DESTROY ANY OTP USING SS7
ATTACK (THE DEMON APPROACH)
This chapter walks you through installing gr-gsm, the GSM receiver the book
uses for this attack. Keep in mind what chapter 3 says about it: gr-gsm listens
to the GSM air interface from a software-defined radio; it is not an SS7 tool
and does not by itself bypass anything.
First you need a computer.
You need a Kali Linux operating system.
You need a software-defined radio that the GNU Radio toolchain supports, such
as an RTL-SDR dongle.
And nothing more but a stable internet connection.
If you haven't installed Kali Linux yet, do so. If you already have everything
in order, get a cup of coffee or a burger, and let's get going.
gr-gsm installation
Installing gr-gsm is the only challenging part of the journey, but it is no
different from installing any other Linux package from source. There are
several ways to install gr-gsm; let's go through them one by one so that you
can choose the easier one for your system.
Manual compilation and installation
The manual method is considered the easiest way to get the newest version of
gr-gsm up and running. The gr-gsm repository contains automatic tests of the
manual installation in the form of Dockerfiles that are built and executed by
the Travis CI continuous integration service.
The instructions presented here come from various sources and my personal
experience; below are links to various resources and guides in case of
confusion or problems during installation and running gr-gsm, so if you hit an
installation problem it is a good idea to look into them.
In general, to be able to install gr-gsm, the following dependencies are
required:
GNU Radio with header files
development tools: git, cmake, autoconf, libtool, pkg-config, g++, gcc, make,
libc6 with headers, libcppunit with headers, swig, doxygen, liblog4cpp with
headers, python-scipy
gr-osmosdr
libosmocore with header files
After installing them, download gr-gsm's source and build it with the
following commands:
git clone https://gitea.osmocom.org/sdr/gr-gsm
cd gr-gsm
mkdir build
cd build
cmake ..
mkdir $HOME/.grc_gnuradio/ $HOME/.gnuradio/
make
Run as root:
make install
ldconfig
To speed up compilation, instead of "make" you can use a parallel build:
make -j $(nproc)
where $(nproc) expands to the number of CPU cores. The "mkdir
$HOME/.grc_gnuradio/ $HOME/.gnuradio/" line is there because without it a
parallel build sometimes fails.
Installation on Debian Testing, Ubuntu 16.04+ and Kali Rolling
Install all the needed prerequisites using the following command ('sudo' is
needed on Ubuntu-based distributions; on other distributions it should be
omitted and the commands starting with 'sudo' executed with superuser rights).
These package names come from the Python 2 era of the gr-gsm wiki; on a current
Kali or Debian the python-* (Python 2) packages no longer exist, which is why
the distribution package in the next section is usually the easier route:
sudo apt-get update && \
sudo apt-get install -y \
  cmake \
  autoconf \
  libtool \
  pkg-config \
  build-essential \
  python-docutils \
  libcppunit-dev \
  swig \
  doxygen \
  liblog4cpp5-dev \
  python-scipy \
  python-gtk2 \
  gnuradio-dev \
  gr-osmosdr \
  libosmocore-dev
Then download gr-gsm's source and build it with the following commands:
git clone https://gitea.osmocom.org/sdr/gr-gsm
cd gr-gsm
mkdir build
cd build
cmake ..
mkdir $HOME/.grc_gnuradio/ $HOME/.gnuradio/
make
sudo make install
sudo ldconfig
To speed up compilation, instead of "make" you can use a parallel build:
make -j $(nproc)
Installation from packages: Debian Testing and Ubuntu 18.04+
gr-gsm has packages in Debian Testing that were subsequently included in
Ubuntu starting from 18.04. On these systems, gr-gsm can be installed by
simply doing:
sudo apt-get install gr-gsm
As of gr-gsm version 0.41.2 the grgsm_livemon application doesn't work because
of the change of PyQt version in the current Debian Testing and Ubuntu 18.04.
To be able to use this program, generate a new version out of
grgsm_livemon.grc:
wget https://gitea.osmocom.org/sdr/gr-gsm/raw/branch/master/apps/grgsm_livemon.grc
grcc -d . grgsm_livemon.grc
mv grgsm_livemon.py grgsm_livemon
Then move the grgsm_livemon file into a directory in the search path, e.g.
/usr/local/bin, and there you go.
Compilation and installation with the use of PyBOMBS:
Note: the PyBOMBS installation is broken because mainline gr-gsm is not yet
compatible with GNU Radio 3.8.
Installation with PyBOMBS is not something I will cover here, because the
other processes are more suitable, but if you wish to try it, the link below
has more instructions on gr-gsm installation with PyBOMBS.
Using gr-gsm
Using gr-gsm is no different from using any other Linux command-line
application: run each tool with the help option (for example grgsm_scanner -h
or grgsm_livemon -h) and you have the whole gr-gsm command line at your
fingertips.
CHAPTER 7: MY FINAL THOUGHTS
Congratulations on completing the hacker's pathway to bypassing any OTP.
Hacking is beyond the CEH course or any other course available; it is a
continuous process of learning and adapting to new concepts.
This book will not help an absolute beginner looking for a quick way to start
hacking without even understanding Linux; seriously, things are going to
frustrate and annoy you along the way.
Using an SS7 attack is not for a total beginner to hacking, especially without
mastery of Linux, which is essential. Future editions of this book will
address some problems for total beginners or wannabe hackers who are so much
in need of this skill, but if you wish to master hacking and don't know what
to learn or where to start, this guide can help you. Remember there are free
books out there; you can choose to give results or give excuses, nobody is
going to put books on your table. And here is an ultimate guide to mastering
hacking.
But don't forget, hacking is beyond articles.
And this is exactly what worked for me.
HACKERS GUIDE
"My name is Joe. I hate reading those long lines of text, but I have a great
passion for hacking."
Quit, hacking is not for you. No long stories, quit for your own good.
"My name is Pascal. I am so obsessed with this craft, I want to be able to
defend other systems and find vulnerabilities, and I have a passion for
reading."
Go ahead, hacking is for you.
NOTE: if your decision to become a hacker is in any way motivated by money,
then quit, get a job or work your way toward a job that has a high-paying
potential. And if your situation right now is just poor and you want to learn
hacking, I will advise you to first find a way to constantly put food on your
table. This is why we have so many teen hackers: their parents are still
putting food on their table. BOREDOM AND DRUDGERY ARE A DEATH SENTENCE TO A
HACKER'S MIND.
There is a lot of money that can be made from ethical hacking. Do not focus on
the negative. A black-hat hacker can never be a billionaire, any more than a
thief can. Take a look at all the computer scientists that made it, Bezos,
Bill Gates, and others; be creative. Right now if you find a vulnerability in
Facebook and report it you could be rewarded with a substantial bounty, so be
wise if you must learn this craft.
When I left school I started teaching myself:
MATHEMATICS
PHYSICS
COMPUTER SCIENCE
Behind all the viral topics I have been learning, I must admit these are some
of the key things you must learn to become a master hacker at the top of your
game, even if you are starting from zero, put in a very simple context.
But if you want a short but complete guide to hacking, then check my new book
on how to become a hacker.
PROGRAMMING:
You need to master programming. Python is your best bet, but I go all the way
with:
HTML
CSS
JAVASCRIPT
SQL
PHP
RUBY
JAVA
C
C++
ASSEMBLY LANGUAGE
Don't limit yourself: once you have understood programming, learning another
high-level language is about a week's work, even if you are lazy.
You cannot skip programming if you wish to master hacking, no matter what
anyone tells you.
Don't forget this if you are starting programming:
Don't try to memorize code; only remember what is available and possible. It
will come naturally as coding becomes your game.
Don't be too serious; when it gets too tough, take a walk and come back to
your desk with fresh eyes. You need some headphones: they don't just block
background noise, they stop you from banging your head while Sia's
"Unstoppable" is playing.
Build a project around whatever you are learning; in programming you only
understand when you do.
Google is your friend; a programmer googles
9988783673673673373673673673637 times. Remember, you are not memorizing
anything; Google will take you to W3Schools, and almost all the code you need
is already there.
REVERSE ENGINEERING:
Once you master programming, this is one skill you can't do without.
Make sure to try some open-source projects, and don't just learn but practice.
I HEAR AND I FORGET.
I SEE AND I REMEMBER.
I DO AND I UNDERSTAND.
CONFUCIUS
CRYPTOGRAPHY:
This will make your life as a hacker easier when dealing with passwords and
encryption, and when building a secure system. Encryption is also what lets
malware slip past detection.
THE CORE OF OS / KALI LINUX:
You need to master the ins and outs of how operating systems work, especially
Kali Linux; participate in some open-source projects.
EXPLOIT WRITING:
Metasploit can ease your work, but remember you want to play beyond tools.
You can use Python to write exploits that go undetected by antivirus. You need
to know debugging and computer memory to do this.
THE CORE OF NETWORKING:
You need to understand how networks work, try to build a local network
experiment with all this stuff, and understand the ins and outs.
* Subnets, LAN, WAN, VPN, DHCP
* IPv4, IPv6
* DNS
* OSI model
* MAC addressing
* ARP
ANTI-FORENSICS:
Lastly, you can only be considered an expert hacker when you are not caught!
If you were caught hacking or doing anything wrong, then you can never become
an expert hacker.
The more you know about digital forensics, the better you get at avoiding and
evading detection.
Also learn where incriminating information is stored, and understand how to
erase it in a secure way.
10 BOOKS EVERY EXPERT HACKER
MUST READ
There is no limit to what should be read by he who desires knowledge; keep
searching for your truth and skipping the irrelevant. - Greg Tyler
These books will take you half a mile on the journey, but do not stop here;
there is no such thing as the best book. The journey is far and new techniques
emerge every day, but they all share the same foundations.
GHOST IN THE WIRES - KEVIN MITNICK
THE BASICS OF HACKING AND PENETRATION TESTING - PATRICK ENGEBRETSON
HOW COMPUTERS WORK - RON WHITE
HACKING: THE ART OF EXPLOITATION - JON ERICKSON
THE HACKER PLAYBOOK 2 - PETER KIM
UNDERSTANDING CRYPTOGRAPHY - CHRISTOF PAAR & JAN PELZL
THE ART OF INTRUSION - KEVIN MITNICK
THE ART OF INVISIBILITY - KEVIN MITNICK
HARDWARE HACKING - JOE GRAND & KEVIN MITNICK
REVERSING: SECRETS OF REVERSE ENGINEERING - ELDAD EILAM
Good luck.
REMEMBER: ANYTHING WORTHWHILE IN LIFE WILL REQUIRE A WORTHWHILE EFFORT.
CONTACT ME
EMAIL: gregtyler940@gmail.com
WEBSITE: https://www.gregbooks.ml
THANK YOU FOR READING MY BOOK.
LEAVE AN HONEST REVIEW OF MY WORK.