Publica tus comentarios, quejas, sugerencias, anécdotas o lo quieras decir al concho o a la comunidad universitaria enviándolo vía e-mail a la dirección que aparece aquí arriba, es decir:

comunidaduc.corcholibre@blogger.com



miércoles, 10 de junio de 2020

Tangalanga - The Zoom Conference Scanner Hacking Tool


Zoom Conference scanner.
This scanner will check for a random meeting id and return information if available.

Usage
This are all the possible flags:
tangalanga \
-token=user-token \ # [default: env TOKEN] user token to use.

-colors=false \ # [default: true] enable/disable colors
-censor=true \ # [default: false] censors output
-output=history \ # [default: stdout] write found meetings to file
-debug=true \ # [default: false] show all the attmpts
-tor=true \ # [default: false] enable tor connection (will use default socks proxy)
-hidden=true \ # [default: false] enable embedded tor connection (only linux)
-rate=7 \ # [default: ncpu] overwrite the default worker pool

-proxy=socks5://... \ # [default: socks5://127.0.0.1:9150] proxy url to use

Tokens
Unfortunately I couldn't find the way the tokens are being generated but the core concept is that the zpk cookie key is being sent during a Join will be usable for ~24 hours before expiring. This makes trivial to join several known meetings, gether some tokens and then use them for the scans.

TOR (only linux)
Tangalanga has a tor runtime embedded so it can connect to the onion network and run the queries there instead of exposing your own ip.


For any other system I recommend a VPN

Why the bizarre name?
This makes reference to a famous 80s/90s personality in the Rio de la Plata. Doctor Tangalanga who loved to do phone pranks.




via KitPloitMore information
  1. Hacking Attack
  2. Hacker Prank
  3. Pentest+ Vs Oscp
  4. Pentest Wiki
  5. Pentest+ Vs Oscp
  6. Hacking The System
  7. Pentest Ios
  8. Pentest Reporting Tool
  9. Pentest Practice Sites
  10. Hacking Jailbreak

No hay comentarios: