Skip to content
/ robocraft-emailverification-bypass Public

Robocraft email verification bypass by bruteforcing the verification code

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sokripon/robocraft-emailverification-bypass

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
git
git
 
 
.gitignore
.gitignore
 
 
Pipfile
Pipfile
 
 
Pipfile.lock
Pipfile.lock
 
 
README.md
README.md
 
 
bruteforce.py
bruteforce.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Robocraft email verification code bruteforcer

Made to bypass the email verification code when using the "forget password" feature ins Robocraft What is Robocraft? Well it's a pretty dead game which I played in my teenage years.

Notice

This script is just a proof of concept. It is not meant to be used for serious attacks.
Taking over accounts without the owner's permission is illegal and punishable by law in many countries.
Don't use this script for illegal purposes and don't blame me if you get banned or punished for it.
This was just made as a poc in an evening. After starting Robocraft again after a few years.

Installation

First, you need python 3.6 or higher.
First way of doing it:

pip install -r requirements.txt

might mess up your other dependencies.

Second way of doing it:

pipenv install
pipenv run bruteforce.py

pipenv is a great tool to manage your dependencies.

Done.

Usage

First you need to edit the bruteforce.py file and change the email AND the account-id/PublicId, the account-id is an uuid v4, there might be some cases where the username works as the account-id, but I couldn't find any.'
There are ways to find the account-id/PublicId, but you need to find them yourself.
Getting the email address is the hardest part, you need to rely on either guesswork, social engineering or old dumps.
WARNING: This can only work on accounts that have a password set, many accounts are just made through Steam and have no password & email set which hinders the bruteforce.
Note: This will result in alot of emails being sent to the email address, so make sure you have a valid email address.

python bruteforce.py

gifdemo

How it works

It works by sending multiple forget password requests to the server which will then send a verification code to the email address provided.
This highers our chance to correctly guess the verification code/to guess it alot faster. This is possible because robocraft doesn't invalidate them instantly.
Another advantage is that the code is only 4 characters long and only exists of capital letters and numbers.
Which makes bruteforcing it much easier.

Updates?

Will this tool get any updates?
I'm not sure, but maybe?

About

Robocraft email verification bypass by bruteforcing the verification code

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages