Made a program to steal Android devices Pin Codes

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Android ethical-hacking social-engineering Hacking Python

SurveyJS - Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App
With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
surveyjs.io
featured
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured

  • MDPin

    MDPin is a server and a website. It contains an UI to fake a Android login screen to steal their pin code. It works via a web browser, by going into fullscreen.

    • Hey there!

    I'm just new here, because I joined this community to share this in. I hope you don't mind. However, I'm pretty glad to say I built my first Pentesting/Hacking tool (Link here: https://github.com/bastien8060/MDPin).

    Of course it is open-source, and it relies on social engineering to work. Although it is not an exploit, it exploits some browser's trust in fullscreen mode (Eg. In-App browsers like instagram/reddit's browser which open links has the feature to enter fullscreen but do not give any warning to the user, when using it).

    This program lets you start a server with a backend and a frontend which mimics as close as possible Android's login screen. It detects the phone's brand and loads the brand's default wallpaper. Ios does not work on purpose and will be greeted with a blank screen. The user will be shown a screen off animation then will be shown a lockscreen. They would slide up and enter their pin. An unlock animation will be shown and the phone will seem to be on google.com. The backend will collect the pin code.

    Of course this is to be used only for educational purposes. The goal here is to show how people are affected/uneducated about social engineering attacks still today. (People can't always be trusted. Google does not ask for card details by email from a foreign email address. Social engineering over phone calls or even posted letters are also a thing etc...)

    Thank you very much for reading this.

  • SurveyJS

    Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.

    SurveyJS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Made a program to steal Android devices Pin Codes

    1 project | /r/Pentesting | 1 Mar 2021

  • jaykali/lockphish - Lockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.

    1 project | /r/GithubSecurityTools | 3 Mar 2021

  • Python dev considering Electron vs. Kivy for desktop app UI

    3 projects | news.ycombinator.com | 31 Mar 2024

  • Ask HN: What Underrated Open Source Project Deserves More Recognition?

    63 projects | news.ycombinator.com | 7 Mar 2024

  • FastUI: Build Better UIs Faster

    12 projects | news.ycombinator.com | 1 Mar 2024