Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



 4213

Vulnerable Snapchat API Endpoints

by psychs215 - 24 December, 2021 - 02:04 AM
This post is by a banned member (psychs215) - Unhide
psychs215  
Registered
26
Posts
1
Threads
3 Years of service
#1
Alright so basically I have come to learn of a snapchat exploit, as well as a few vulnerable API endpoints for snapchat. I'm looking for other programmers who have knowledge of exploiting API endpoints, or even just people with knowledge of the inner workings of snapchat and their servers. If you are interested in knowing more PM me
This post is by a banned member (Summer) - Unhide
Summer  
Godlike
2.051
Posts
355
Threads
4 Years of service
#2
Good luck with this. Be careful Lol
[Image: 4v63n7I.gif]
This post is by a banned member (GodlikeTool) - Unhide
35
Posts
6
Threads
5 Years of service
#3
^ As stated above , it is really hard to reverse their api's . You gotta unpin SSL e.t.c... read more on their obfuscation... it is possible but time consuming
This post is by a banned member (psychs215) - Unhide
psychs215  
Registered
26
Posts
1
Threads
3 Years of service
#4
(This post was last modified: 30 December, 2021 - 05:07 AM by psychs215. Edited 1 time in total.)

(28 December, 2021 - 06:51 AM)GodlikeTool Wrote: Show More
^ As stated above , it is really hard to reverse their api's . You gotta unpin SSL e.t.c... read more on their obfuscation... it is possible but time consuming

Yes it is time consuming I have successfully initiated RCE and other attacks already I am simply looking for others interested in making a GUI application out of this and marketing such a tool here for profit
This post is by a banned member (GodlikeTool) - Unhide
35
Posts
6
Threads
5 Years of service
#5
Discord - Godlike#2349 kinda interested since I am working on a tool for snap too.
This post is by a banned member (Signal) - Unhide
Signal  
Registered
259
Posts
9
Threads
5 Years of service
#6
daeta#7016 this is interesting and love to see where this goes!
This post is by a banned member (totallynotAb) - Unhide
3
Posts
0
Threads
2 Years of service
#7
As @GodlikeTool said, you have to bypass their SSL pinning, then you will need to fully reverse their apk to see how the Auth Token is created that is dynamic and must be sent every request else it will be blocked. gl
This post is by a banned member (psychs215) - Unhide
psychs215  
Registered
26
Posts
1
Threads
3 Years of service
#8
(08 January, 2022 - 08:11 PM)totallynotAb Wrote: Show More
As @GodlikeTool said, you have to bypass their SSL pinning, then you will need to fully reverse their apk to see how the Auth Token is created that is dynamic and must be sent every request else it will be blocked. gl

@GodlikeTool @totallynotAb There is actually a much more simple way that can be achieved via 3rd party api kit...

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 1 Guest(s)