2021-09-04 14:14:42
HACK OTP FROM WORKING METHODOLOGIES
Let's take PayPal as an example. Assume you have a PayPal account and want to sign in. After entering your password, you receive an OTP for login on your device. You enter the code and get access. (method)
Now, I'm a black hat and I want the riches lurking in your wallet. I do know your password, but I want to bypass the OTP checkpoint. I wish to intercept it off your phone and grab it. Here's what I can try:
Interception. If I use Wireshark to sniff your traffic, I'll get the encrypted UDP packets sent to the PayPal server, but not the SMS packets, as the SMS doesn't travel over your network. Earlier, SS7 attacks allowed infiltrated hackers to even sniff SMPP (Short Message Peer-to-Peer protocol) packets with the SMS text in plaintext, but this later got patched in modern OS releases. Sad.
SMS Forwarding. Sometimes we press “OK” on pop-ups on our screen without noticing while we're doing something else. This can be dangerous, as I can send an SMS-forwarding request to your phone with a single pop-up. If you press “OK”, your SMSes get redirected to me and I can simply request the OTP on my own.
Spyware. These sneaky little bundles of spies can do the work for you. As soon as the victim requests an OTP, I'd get it simultaneously through the spyware itself. Or I may request it on my own.
LDAP Request Smuggling. OTPs come to my phone from the Lightweight Directory Access Protocol (LDAP) server. If I find a way to pull off a Request Smuggling attack on PayPal's LDAP server, I can send bulk requests and steal legitimate requests and their corresponding codes. But hacking an enterprise's LDAP server isn't a piece of cake, of course.
SIM Cloning. If I'm obsessed with your wallet, I'll go to greater lengths and perform this attack. I'll call your ISP, impersonate you and have another SIM reissued under your name, then get your phone's OTPs on mine.
If I'm rich enough, I can afford an IMSI catcher or an RTL-SDR to intercept the OTP with a great success rate, but in the end I need to be close to your house to carry out any of it.
You see, I need to work as hard as anything to get the OTP and access your account. Visualizing it might be easy, but implementing it is like trying to break concrete with your bare hands.
That said, making payments over a cellular network is preferable to Wi-Fi. And handing your phone to some random person for a phone call is not advisable at all!
✧ 𝕽𝖆𝖒𝖆𝖓 𝕾𝖗 ✧, 11:14
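The service-side counterpart to the SMS-forwarding, SIM-reissue and "request the OTP on my own" scenarios above, as an added example that is not part of the original post: a gate that decides whether an SMS OTP may be sent at all. The event names, thresholds, device identifiers and sample data are assumptions made for illustration, and the account events are assumed to be available to the service.

```python
from datetime import datetime, timedelta

# Assumed policy values (not from the post).
CHANNEL_COOLDOWN = timedelta(hours=72)   # distrust SMS this long after a channel change
MAX_OTP_REQUESTS = 3                     # per REQUEST_WINDOW
REQUEST_WINDOW = timedelta(minutes=10)
CHANNEL_CHANGES = ("sim_reissued", "sms_forwarding_enabled")  # hypothetical event names

def sms_otp_decision(events, now, device_id, known_devices):
    """Decide how to handle an OTP request made at `now` from `device_id`.

    `events` is a list of (timestamp, kind) tuples for one account; kind is one
    of CHANNEL_CHANGES or 'otp_requested'. Returns (action, reasons).
    """
    reasons = []
    channel_suspect = False
    for ts, kind in events:
        if kind in CHANNEL_CHANGES and timedelta(0) <= now - ts <= CHANNEL_COOLDOWN:
            channel_suspect = True
            reasons.append(f"{kind} within cooldown")
    burst = sum(1 for ts, kind in events
                if kind == "otp_requested" and timedelta(0) <= now - ts <= REQUEST_WINDOW)
    if burst >= MAX_OTP_REQUESTS:
        reasons.append(f"{burst} OTP requests in window")
    new_device = device_id not in known_devices
    if new_device:
        reasons.append("unrecognised device")
    if channel_suspect:                       # the SMS channel itself may be redirected
        return "deny_sms_require_other_factor", reasons
    if new_device and burst >= MAX_OTP_REQUESTS:
        return "lock_and_notify", reasons
    if reasons:
        return "send_sms_and_notify", reasons
    return "send_sms", reasons

# Constructed sample: SIM reissued five hours before a login from a new device.
NOW = datetime(2021, 9, 4, 14, 0)
SAMPLE = [(NOW - timedelta(hours=5), "sim_reissued"),
          (NOW - timedelta(minutes=2), "otp_requested")]

if __name__ == "__main__":
    print(sms_otp_decision(SAMPLE, NOW, "dev-new", {"dev-home"}))
```

With the sample data the code is never sent over SMS, because a recent SIM reissue means the number may no longer reach the account owner.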