Simple PoC script that allows you to exploit telegram's "send with timer" feature by saving any media sent with this functionality.

Related tags

Third-party APIs Wrappersimagetelegramexploittelegram-bottimermessagingsecretmediasendpocwithe2eepoc-script
Overview

breaking-telegram

Simple PoC script that allows you to exploit telegram's "send with timer" feature by saving any media sent with this functionality.

Status

Working

PoC

poc

How to

Step 0

git clone https://github.com/matteounitn/breaking-telegram.git

Step 1

  • Go to https://my.telegram.org/auth?to=apps;
  • Create an app(doesn't matter how do you call it);
  • Get API ID and API KEYS;
  • Replace them in config.ini.example and save it as config.ini

Step 2

  1. cd breaking-telegram
  2. python3 -m venv venv && source venv/bin/activate
  3. pip3 install -r requirements.txt
  4. python3 broke.py

Now insert your number and your code.

Eventually you will be asked for a password, if you have one set in your account.

Step 3

Receive an image with timer (could also be a video or gif). Check your saved messages.

Take Home

Use secret chats. They're not bulletproof, but they're definitely safer.

Owner
Matteo
FBK - Security and Trust Unit
Matteo
GitHub Repository
Faster Twitch Alerts is a highly customizable, lightning-fast alternative to Twitch's slow mobile notification system

Faster Twitch Alerts What is "Faster Twitch Alerts"? Faster Twitch Alerts is a highly customizable, lightning-fast alternative to Twitch's slow mobile

6 Dec 22, 2022
Simple Telegram Bot for generating BalckPearl BBCode Templates

blackpearl-bbcode-bot Simple Telegram Bot for generating BlackPearl BBCode Templates Written in Pyrogram Features - 🎉 IMDB Info fetching from files -

D. Luffy 5 Oct 19, 2022
unofficial library for discord components(on development)

discord.py-buttons unofficial library for discord buttons(on development) Install pip install --upgrade discord_buttons Example from discord import Cl

kiki7000 129 Dec 31, 2022
Automatically pick a winner who Retweeted, Commented, and Followed your Twitter account!

AutomaticTwitterGiveaways automates selecting winners for "Retweet, Comment, Follow" type Twitter giveaways.

1 Jan 13, 2022
Telephus is a connection pooled, low-level client API for Cassandra in Twisted python.

Telephus Son of Heracles who loved Cassandra. He went a little crazy, at one point. One might almost say he was twisted. Description Telephus is a con

Brandon Williams 93 Apr 29, 2021
Library for working with QIWI API.

Library for working with QIWI API.

qxtony 2 Apr 26, 2022
A fast, easy to set up telegram userbot running Python 3 which uses fork of the Telethon Library.

forked from friendly-telegram/friendly-telegram Friendly Telegram Userbot A fast, easy to set up telegram userbot running Python 3 which uses fork of

GeekTG 75 Jan 04, 2023
Apps related to Odoo it's calendar features

calendar Apps related to Odoo it's calendar/appointments features: online_appointment_locations: allow setting an online URL per employee online_appoi

Yenthe Van Ginneken 3 Oct 27, 2022
Senexia - A powerful telegram bot to manage your groups as effectively as possible

⚡ Kenechi bot ⚡ A Powerful, Smart And Simple Group Manager ... Written with AioG

Akhi 2 Jan 11, 2022
A Python script to backup all repos (public or private) of a user.

GithubBackupAllRepos A Python script to backup all repos (public or private) of a user. Features Clone public and private repos Load specified SSH key

Podalirius 15 Jan 03, 2023
My beancount practice as a template

my-beancount-template 个人 Beancount 方案的模板仓库 相关博客 复式记账指北(一):What and Why? 复式记账指北(二):做账方法论 复式记账指北(三):如何打造不半途而废的记账方案 配置 详细配置请参考博客三。必须修改的配置有: Bot功能:data/be

KAAAsS 29 Nov 29, 2022
A python API for BSCScan (Binance Smart Chain Explorer), available on PyPI.

bscscan-python A complete Python API for BscScan.com, available on PyPI. Powered by BscScan.com APIs. This is a gently modified fork of the etherscan-

Panagiotis Kotsias 246 Dec 31, 2022
gBasic - The easy multiplatform bot

gBasic The easy multiplatform bot gBasic is the module at the core of @GianpiertoldaBot, maintained with 3 for the entire community by the Stockdroid

Stockdroid Fans 5 Nov 03, 2021
Create custom Vanity URLs for Discord without 30 boosts

CustomVanity - Made by udp#6666 aka Apolo - OpenSource Custom Discord Vanity Creator How To Use Open CustomVanity.py Write your server invite code Wri

apolo 17 Aug 23, 2022
The AWS Lambda Serverless Blind XSS App

Ass The AWS Lambda Serverless Blind XSS App 利用VPS配置XSS平台太麻烦了,如果利用AWS的Lambda那不就是一个域名的事情么?剩下的环境配置、HTTPS证书、隐私性、VPS续费都不用管了, 所以根据xless重写了Lambda平台的XSS,利用sla

cocokey 2 Dec 27, 2021
OliviaV2: danger bot with python

🎶 OLIVIA V2 🎵 Requirements 📝 FFmpeg NodeJS nodesource.com Python 3.7 or higher PyTgCalls 🧪 Get SESSION_NAME from below: Pyrogram 🎖 History Featur

Alvaro Einstein 2 Nov 04, 2021
Market calendar RESTful API with holiday, late open, and early close. Over 50+ unique exchange calendars for global equity and futures markets.

Trading Calendar Market calendar RESTful API with holiday, late open, and early close. Over 50+ unique exchange calendars for global equity and future

Apptastic Software 1 Feb 03, 2022
This bot can mention members upto 10,000 in groups and can mention members upto 200 in channels !

Mention All Bot This bot can mention members upto 10,000 in groups and can mention members upto 200 in channels ! 🏷 Infomation Language: Python. Tele

Anjana Madu 52 Dec 29, 2022
Just a python library to make reddit post caching easier

Reddist Just a python library to make reddit post caching easier. Caching Options In Memory Caching Redis Caching Pickle Caching Usage Installation: D

Samrid Pandit 3 Jan 16, 2022
A discord.py bot template with Cogs implemented.

discord-cogs-template A discord.py bot template with Cogs implemented. Instructions Before you start ⚠ Basic knowledge of python is required. Steps If

censor 2 Sep 02, 2022