Hi, i have access to an Amazon business account from where i want to order large quantity and i have access to the account and to the victim's computer, but in order to proceed with my operation i need to change the email in order to receive the notifications about confirmation/delivery to my email, when i try to change the email address it asks for 2FA from SMS/E-mail, is there any way to bypass this? Thanks.
Amazon Bypass
- Автор темы m4estr0
- Дата начала
-
- Теги
- amazon bypass remove 2fa
- Статус
- Автор темы
- Добавить закладку
- #2
Any idea?
- Автор темы
- Добавить закладку
- #3
push
If you have access to the victim's computer, presumably you also have access to the victim's email? Why don't you simply set up email forwarding for amazon emails?
- Автор темы
- Добавить закладку
- #5
I don't have access to the victim's email actually, what do you mean by setup email forwarding? If there's something that can be done, tell me or message me.
You need email access for that, but you can set up email filtering and forwarding options in the victim's email so all emails from @amazon.com are deleted and/or forwarded to your email.
If you still have access to the victims's computer, you can try running a password recovery tool or a stealer to get email cookies/password.
I don't think there is a (publicly known) way to bypass amazon's 2FA without access to the phone number/authenticator app that is used for receiving 2FA codes.
- Автор темы
- Добавить закладку
- #7
How i can setup email filtering and forwarding to victim's email so they get deleted and/or forwarded to my email if i don't have access as i specified above, and what recover tool would you recommend to run a scan?
- Автор темы
- Добавить закладку
- #8
Any idea?
- Автор темы
- Добавить закладку
- #9
push
1. This is not a commercial topic. Post threads in the proper section and you will likely have better chance of generating interaction/suggestions/etc.
2. You should make some persistence to make sure you don't lose control of your remote
3. Check all users on host browsers and browser profiles for password storage and autofill and cookies ("C:\Users\$username\AppData\Local\Google\Chrome\User Data\Default\Login Data", shortcut URLs like these https://windows.tips.net/T013857_Edge_Chromium_Setting_URLs.html, etc) and synched accounts too
4. Check all files recursively for loot
or if you know the victim email be more specific
5. so on and so forth (get the idea???)
2. You should make some persistence to make sure you don't lose control of your remote
3. Check all users on host browsers and browser profiles for password storage and autofill and cookies ("C:\Users\$username\AppData\Local\Google\Chrome\User Data\Default\Login Data", shortcut URLs like these https://windows.tips.net/T013857_Edge_Chromium_Setting_URLs.html, etc) and synched accounts too
4. Check all files recursively for loot
Код:
$rootPath="C:\users\";$searchPattern="*login*","*pass*";Get-ChildItem -Path $rootPath -Recurse -File | Where-Object { $_.Name -like $searchPattern } | ForEach-Object {Write-Output "Filename: $($_.Name)";Write-Output "Path: $($_.FullName)";Write-Output "------------------------"} | Out-File -FilePath C:\users\xss\desktop\results123.txt -Width 99999
Код:
gci -path c:\ -r | select-string -pattern "victim\@gmail\.com" | select-object -property ingorecase,filename,path | out-file -filepath c:\users\xss\desktop\resultsfocused.txt -width 99999
Последнее редактирование:
- Автор темы
- Добавить закладку
- #11
Write me on Jabber or give me a contact of yours.
- Автор темы
- Добавить закладку
- #12
Through what/where to search for the last string about if i know email which i do, since he uses Windows, so where can i search for this last string?
pwsh
- Автор темы
- Добавить закладку
- #14
It doesn't work, can you contact me by PM or any contact if you think you can help.
you can send your xmpp
- Статус