Vulnerable-OTP-Application: Vulnerable OTP/2FA Application
Vulnerable OTP Application
Vulnerable OTP Application created using PHP & Google OTP
These instructions will get you a copy of the project up and running on your local machine for development and testing purposes.
What things you need to install the application onto.
A step by step series of examples that tell you have to get the application running
After installing Apache, PHP 7 and MariaDB, which I think that you know how to install, or else google about it.
Setting up Application database.
Adding Database details to application
Open the Application in browser and have fun.
Running the tests
You can use Burp suite or Browser web developer mode to bypass OTP login. Remember to Register a test user before Bypassing it, and use Google Authenticator for OTP
Application available ONLINE
Skip installation and setup and use the mention link hosted for testing OTP Bypass
TEST USER CREATED on APPLICATION for testing, or create new user if you want
SCAN the below use Google Authenticator for OTP generation and login and bypass GOOGLE OTP QR
DO NOT CRASH THE SEVER OR APPLICATION. PLAY SAFE.
- Mohammed Danish amber – Initial work – Mohammed Danish Amber