Skip to content
/ csrf_google Public

(csrf) google just got a idea to bypass or manipulate the 2fa in gmail service but was successfull in bypassing the device name in gmail 2fa

3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

hack-with-ethics/csrf_google

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
README.md
README.md
 
 

Repository files navigation

csrf_google

Hello Hackers ... and Programmers

Vulnerable csrf.. In Google Login[2 Factor Auth]

which allows modify the device Name ! That the attacker can mount a url that gets hacked or redirect to Malware Site

And The Location Info May also be changed !!

Check Out The ScreenShots..!! and try Exploiting Step By Step ! step 1: open Burp Suite

step 2 :Configure proxy Setup manually or automatically

step 3: under proxy settings > Try Find and Replace

Screenshot_2024-01-09_09_24_20

step 4: replace the device you need !! or Url U need !!

Screenshot_2024-01-09_09_24_46

step5: Login !

Screenshot_2024-01-09_09_25_38

Sample of The proc

Screenshot_2024-01-09_09_25_57

sample2

Screenshot_2024-01-09_09_48_51

Final Out:

WhatsApp Image 2024-01-09 at 21 52 32_c803b57f

About

(csrf) google just got a idea to bypass or manipulate the 2fa in gmail service but was successfull in bypassing the device name in gmail 2fa

Topics

csrf bypass csrf-attacks cross-site-request-forgery request-forgery google-bug google-csrf

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published