Jump to content
Hak5 Forums
1misscall

how to hack OTP site

Recommended Posts

HELLO ...
I want to hack or bypass or find OTP(one-time password) that this site sends to mobile phone numbers.

here is inspector of the site when you want to input activation code:
---------------------------------------------------------------------
<form id="fm" name="fm" method="post" action="/user/signUp.xhtml" enctype="application/x-www-form-urlencoded">
<input type="hidden" name="fm" value="fm">
<div id="fm:step2">

                <div class="form-check">
                    <div class="mobile-number-text"><input type="text" name="fm:j_idt15" autocomplete="off" class="text-field" disabled="disabled" placeholder="mymobilephonenumber">
                        <img src="assets/images/phone.png" class="mobile-number">
                        <label class="form-label">plz input activation code:</label><input type="password" name="fm:j_idt17" autocomplete="off" value="" dir="ltr" maxlength="6" tabindex="4" class="text-field mobile-pass allow-numbers-only" placeholder="activation code">                        
                    </div>
                    <div class="form">
                    </div>
                </div>

                <div class="clearfix">
                    <div class="col-xs-12 col-sm-4 col-sm-offset-4 col-md-6 col-md-offset-3 col-lg-6 col-lg-offset-3"><input id="fm:j_idt25" type="submit" name="fm:j_idt25" value="check activation code" tabindex="6" class="btn btn-secondary-dark btn-block" onclick="mojarra.ab(this,event,'action','fm:step2','@form',{'onevent':function(event) { handleMessage(event, 'fixed');$('.allow-numbers-only').numbersOnly();$('#fm\\:step2Captcha').val('');if (event.status == 'success') { refreshCaptcha('fm:step2CaptchaImage');}}});return false">
                    </div>
                </div></div><ul id="fm:message"><li class="tc-red">     </li></ul>
<input type="hidden" name="javax.faces.ViewState" value="-5386286413554590238:-6133632685432798175"></form>

--------------------------------------------------------------------------

this value="-5386286413554590238:-6133632685432798175"> is Variable for each activation code, for example activation code for this value is: "174944"

what kind of algorithm is this value? is there any way to decode these type of algorithm?
is there another way to hack?

 

plz help ...

Share this post


Link to post
Share on other sites

Greetings bro I really hope there is a simplest way to bypass the OTP cuz i have search so much without a credible answer.

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×