███╗   ███╗██╗███████╗███████╗██╗   ██╗ ██████╗ ██╗   ██╗
████╗ ████║██║██╔════╝██╔════╝╚██╗ ██╔╝██╔═══██╗██║   ██║
██╔████╔██║██║███████╗███████╗ ╚████╔╝ ██║   ██║██║   ██║
██║╚██╔╝██║██║╚════██║╚════██║  ╚██╔╝  ██║   ██║██║   ██║
██║ ╚═╝ ██║██║███████║███████║   ██║   ╚██████╔╝╚██████╔╝
╚═╝     ╚═╝╚═╝╚══════╝╚══════╝   ╚═╝    ╚═════╝  ╚═════╝ 

Overview

A tool to bruteforce API endpoints(Sends multiple concurrent requests to speed up the attack). MissYOU takes around 4 minutes with 24 threads in parallel to crack a 4 digit pin(otp).

Requirements:

• Python3
• pycharm(Optional)

Installation

pip3 install -r requirements.txt

Packages Used

json
requests
threading

Check it in Action: Click Here

Usage

python3 cb_missyou.py

Screenshots

Limitations

• Only 4 digit pin bruteforcing is supported because 6 digit pin has 1 million combinations which is not practical to bruteforce.
• Multi-threading is locked to 24 threads but you can manually change it in code (variable name: lock -13th line). Don't increase it too much because your system may halt or crash.
• No user choice for entering response code (no reasons) but you can change it in the code(it's needed most of the time, default: ['response']['success']). Pull requests will be open and you can change the code too, I will merge it once i have reviewed the changes (special thanks will be credited).
• Bruteforce does not work when IP-ratelimiting or reset otp counter is in place.
• Let me know if there are any left.

Where to use it

More than 70% websites are running without IP-ratelimiting, with 4 digit reset pin, without number of tries counter. So, these sites can be easily hacked with MissYOU.

Personal INFO:

Donations Help Me to Keep The Support and Development: Click Here.

FollowMe: Click Here.

Google Play: Codebreaker.

Website: Personal.