exploit the possibilities

Telegram 4.0.1 Two Factor Authentication Bypass

Telegram 4.0.1 Two Factor Authentication Bypass
Posted Jun 25, 2017
Authored by Shahab Shamsi

Telegram version 4.0.1 suffers from a two-factor authentication bypass vulnerability.

tags | exploit, bypass
MD5 | a874728318ad389b5b51f22df6fc748f

Telegram 4.0.1 Two Factor Authentication Bypass

Change Mirror Download

Title:
===============
Telegram 4.0.1 - "TwoFactor Authentication" ByPass (0day)


Author:
===============
Shahab Shamsi


Vendor Homepage
===============
https://telegram.org/


Date:
===============
2017-06-25


Exploitation-Technique:
===============
Local,Remote


References:
===============
Video1: https://www.youtube.com/watch?v=44ZDbvnZILk
Video2: http://securityman.org/telegram-4-0-1-twofactor-authentication-bypass-0day/


Severity Level:
===============
High


Description:
===============
This vulnerability makes you able to bypass the two factors authentication of Telegram account,
so you can access to the target Telegram account.

on the condition:
- That You Access To Activation code.
- Update Telegram Final Version




POC:
===============
Step 1 : At first, connect to the target account via one of the Telegram versions.
Step 2 : Then, inter the activation code of account
Step 3 : At final step that needs to pass two factors authentication of password, without intering the second password, reset the account.


Solution:
==============
- This bug prove that two factors authentication of Telegram accounts needs to review,

There is no certain solution to resolve this security problem till now.



Contact Me :
==============
Telegram : @Shahab_Shamsi
Email : info@securityman.org
WebSilte : WwW.iran123.Org
Tnx : Artin ghafari (Hidden Eagle)
- Thanks to my dear friend "Artin Ghafari" to record the video and help to discover the bug.

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close