*EDIT* Before any Jagex Moderator contacts me because of legal reasons, I tried to contact you and inform you guys about this vulnerability on authenticator for about 6-7 months now, but I received no reply on this matter and when I did I received reply from those faggot "jagexhelpers" on twitter with no knowledge at all(you guys hiring them is just a joke) and telling me to submit a bug-report. You basically took me and the whole situation not seriously and treated it as a joke. Also where was my bounty reward at u jews? ----------------------------------------- Last year I posted a guide on how to bypass the authenticator on RuneScape(not the troll one, was another one which was only visible for prem users and for few hours) since it was about to get patched due to a retard leaking it to a friend and the friend leaked it and so on... I also had a better method to bypass it so I didn't really mind at that time, the bypass from a year ago got patched 5 days later after it got known. Unfortunately the blackhat community is filled with retards and kids nowaday who would do anything for a little bit of money and even backstab their friends they known for years by snaking and trying to sell the method behind our back which was supposed to be private. To ruin his business and rustle his jimmies, me and iramo gonna leak the method of bypassing authenticator which was supposed to be private between 3 of us. Also vouch to Iramo for always backing me up and for finding this method with me and the backstabber. Enjoy the method and leech before it gets patched Content Unlocked: INTRODUCTION: This method was established by exploiting the same mechanics from the previous bypass, Jagex are simply too retarded to patch it completely. I have divided up the information into several steps to make it easier to follow. 
I have also chosen to not explain why and how things are being abused since it will be too much details/effort and I don't wanna leak it completely since it can be re-used after it getting patched by abusing the same mechanics. Also I don't want to make Jagex's job of finding out how to patch it, the lazy asses will have to find it out for themselves Kappa

STEP 1 - FINDING TARGET

The bypass works perfectly fine for both the OSRS and RS3 version, what I am mainly posting here is for RS3, if you just follow everything I say without thinking yourself, you will successfully bypass authenticator for RS3 players. The same guide can be used for Old School RuneScape as well but with some adjustments and extra added steps. The reason to why I'm not posting an exact guide for OSRS version like I do with the RS3 version is because I don't have time to write it (2 much effort), and I wanna leave something to the more advanced users of this community and not just leak everything to the leechers. Also I am already assuming that you have a target with their login email/username and their current password.

Okay let's start, so this bypass method works only for accounts that have a registered email-address attached to their accounts. If there is no email-address attached to the account then this method will NOT work. However, almost everyone (active and with wealth on their account) has an email-address registered to their account, so the bypass method is applicable for the majority of the RuneScape community. So we start from here, the authenticator that prevents you from accessing the account:

[Image: ed93a536abb446d69a0a00e60a27e6b9.png]

STEP 2 - INITIATION

1. For this you will have to use the official RuneScape client. Any other third party clients such as OSBuddy, Konduit, RuneLoader will not work. You can find the official clients here: https://www.runescape.com/download Once you have the client installed, load it and enter the details.
You will then get the interface from the picture above. From there you just press on "Continue" with an empty PIN-code. You will get this following interface, now make sure that you leave that as it is and do not click anything else and do not close the client (and yeah, notice Jagex misspelling "6-digin" on the OSRS client lol).

2. This part needs to be done with a proxy enabled on your network IP. (<--Network=/=Computer IP) Open your web browser (I use Mozilla Firefox) and paste the following link: http://www.runescape.com/companion/comapp.ws . Enter your target's details and you will get the message about Authenticator- Enter the 6-digit code generated by your authentication app. Now hold CTRL + SHIFT + J to open the web browser console and then find your browser's JS console:

[Image: 4436d4ac4ba5471f9405e806171080d5.png]

In the JS console you will get a warning message about signing in into RuneScape (the one above).

Now view the source (direct link: view-source:https://secure.runescape.com/m=world5/html5/comapp/login?from=%2F) Find and extract your lobby code from the source, will be: "lobbyXX.runescape.com" (XX=2 digit numbers)

Also make sure that your login-reply-ID (which it probably will) matches the following commands:

login-reply-56 : Enter the 6-digit code generated by your authenticator app.
login-reply-36 : Unable to connect: authentication server offline.
login-reply-55 : Could not complete login. Access to this account is not authorised.
login-reply-57 : The code you entered was incorrect. Please try again

Now go to your proxy's post data which you will have to edit.
Just as you could bypass PayPal's 2FA (two step verification) by using a proxy and removing "securityQuestion0" and "securityQuestion1" from the post data:

[Image: 51a44d346c224447ba6ab8d72539fb5c.png]
[Image: 1e1d10c8512140c29a139941b7058668.png]

(yeah this is actually real, bypassing PayPal 2FA was this easy lmao- full article: https://henryhoggard.co.uk/blog/Paypal-2FA-Bypass)

You can do the same on RuneScape, but surprisingly Jagex has better security than PayPal, so this isn't finished here. Go to your proxy's post data and remove "login-reply-57" and substitute it with "You need to validate your email address to log in." (basically
) Do not touch or edit any other login-reply as you will fuck it up.

STEP 3 - DEVICE CONNECTING

Open a new tab which uses the same proxification data and enter: https://secure.runescape.com/m=totp-auth...or/landing Click on "Set Up Now" and you will have to sign in to the account again, enter the details and you will get the following error message:

[Image: 692b232facbb4d8c83675331d45048a9.png]

Now get your iPhone/Android/any notepad that supports normal and basic functions. If it already isn't, you will have to jailbreak it otherwise you will get a lot of error codes, firewalls and a bunch of other restrictions during the process (these are probably fixable, but just jailbreaking it saves time and effort). Now I won't go into details on how to jailbreak your device, but there are plenty of guides out there or just give it to a Chinese/Indian guy and jailbreak it for $5. Once your device is jailbroken, download the RuneScape companion app.

Now you will need to connect your device to the PC/laptop from which you have done all the previous steps on and basically remote the device from your computer. Depending on your device, there are different guides out there as well. Personally I am using iPhone. To simulate the iPhone to the computer, I recommend the programs called AirServer or Reflector.

Now you will have to log your traffic from your iPhone. To do this, I am using Charles, which can be found here http://www.charlesproxy.com . Once you have it installed, run it and it will look like this pre-started:

[Image: 28625e3886024677b9bffae7625199c1.png]

Now do the following:

1. Go to proxy, then on the same window click on "Proxy Settings"
2. Write down the Port of the proxy
3. Get your network's IP-address (NOT the IP address you get from googling "ip lookup", that's your computer IP, not your network's. Open cmd and type "ipconfig" next to "C:\Users\Name>" and you will get your network IP.)
4. Now go to your iPhone/iPad, go to settings and select "Wi-Fi", select your network and go into its settings, scroll down to the bottom which usually has its HTTP Proxy on "off" by default. You will have to change it to Manual:

[Image: af728f5d4d01493f8e372b9ebf3dc05d.png]

Now enter your network IP on "Server" and the Port you find on your proxy settings (Step 1 & 2) next to "Port".
5. Now all network traffic you execute on your connected device will be logged and shown on Charles, for example:

[Image: e3e7cc3c713f408a92504fd9c348a6ae.png]

STEP 4 - THE RUSTLING

Open the RuneScape companion app on your device which will now be trafficked from the same proxified data you edited on your PC. Once you get the traffic log from the companion sent to your computer, it's time to play with it. From Step 2, you extracted "lobbyXX.runescape.com" from your computer, now edit the XX on your device to the same number you had on your computer. Close the app and restart it (make sure that the lobby ID is correct by looking in the traffic data), once you get to the login interface, enter the details for the authenticated account (username/email : password) and you will see on Charles that the traffic data from your device's companion app will be spammed with the logs
, Could not complete login. Access to this account is not authorised.

Now hopefully you haven't closed the tab on your computer from Step 2, the "http://www.runescape.com/companion/comapp.ws". Now if you have done everything correctly so far and followed every step, the tab will automatically transmit from the stalled interface
(Enter the 6-digit code generated by your authenticator app.) to this interface:

[Image: 24e85bd8d88546b1b0fb6e3bd1944ce3.png]

If you get this then congratulations, you have just bypassed the RuneScape authenticator.

Now on your device, you will need to spam login and at the same time on your RuneScape client just fill out the auth PIN code with any random numbers, you just have to fill the 6-digit gap. Sometimes you get back the message "The code you entered was incorrect. Please try again.". This is due to the timing on your device, PC and Jagex servers not matching up basically. When you get the timing right (majority of times you get the timing right), you will successfully sign in to the account. Please note now that your access is very limited and you can NOT change worlds/logout/disconnect. If that happens, you will have to repeat the process all over again.

STEP 5 - PROFIT

in case no bank pin that is

[Image: 8c327fc4b97f4acf8d20570ee3289378.png]
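
The PayPal comparison in the post describes a login flow that accepted a request once the second-factor fields had been removed from the post data. As an added example that is not part of the original post, the Python below contrasts a handler that validates the code only when the client sends it with one where the server's account record decides whether a code is required; the account data, the `totp_code` field and all function names are constructed for illustration.

```python
import hmac

# Constructed sample data; a real service stores password hashes and derives
# the expected code from a per-user TOTP secret.
ACCOUNTS = {"alice": {"password": "correct horse", "totp_enabled": True,
                      "expected_code": "492817"}}

def _same(a, b):
    """Constant-time comparison that treats any non-string as a mismatch."""
    if not isinstance(a, str) or not isinstance(b, str):
        return False
    return hmac.compare_digest(a.encode(), b.encode())

def _password_ok(form):
    """Return the account record if username and password match, else None."""
    acct = ACCOUNTS.get(form.get("username"))
    if acct and _same(acct["password"], form.get("password")):
        return acct
    return None

def login_fail_open(form):
    """Flawed handler: the second factor is checked only if the client sent it."""
    acct = _password_ok(form)
    if acct is None:
        return "denied"
    if "totp_code" in form and not _same(form["totp_code"], acct["expected_code"]):
        return "denied"
    return "session_issued"  # also reached when the field was stripped in transit

def login_fail_closed(form):
    """Hardened handler: the account record, not the request, decides whether
    a second factor is required, and an absent field counts as a failure."""
    acct = _password_ok(form)
    if acct is None:
        return "denied"
    if acct["totp_enabled"] and not _same(form.get("totp_code"), acct["expected_code"]):
        return "denied"
    return "session_issued"

# Constructed request as it arrives after the 2FA field was removed en route.
STRIPPED = {"username": "alice", "password": "correct horse"}
```

The same principle covers reply messages rewritten on the client side: whether a session is fully authenticated has to be recorded and checked on the server, never inferred from what the client was shown or chose to send.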