kahoot-hack icon indicating copy to clipboard operation
kahoot-hack copied to clipboard

Published 20 hours ago verified publisher icon msemple1111

Two-Factor Authentication Option

Open KyrneDev opened this issue 8 years ago • 8 comments

Kahoot has introduced a new two-factor authentication option. I've only glanced at the code, but it looks to be very JavaScript reliant.

KyrneDev avatar Jan 12 '17 20:01 KyrneDev

Thanks for letting me know, it looks relatively easy to fix.

msemple1111 avatar Jan 12 '17 22:01 msemple1111

So looking at it from the "instructor's" side, the code changes every 7 seconds...

KyrneDev avatar Jan 13 '17 00:01 KyrneDev

I have fixed it for play.py at da8ccb1. Because it only last 7 seconds I'm just trying to work out the best way of solving it for flood.py because it takes longer than 7 seconds for all the players to connect. At the moment the only solution would be for the player to enter the code every 7 seconds.

msemple1111 avatar Jan 13 '17 11:01 msemple1111

I feel like that's not too much of a hassle. Maybe have it spam for 7 seconds, and or detect when the code changes, and prompt for a new code.

KyrneDev avatar Jan 13 '17 17:01 KyrneDev

Any updates?

KyrneDev avatar Jan 24 '17 18:01 KyrneDev

The code only has 24 possibilities (4 factorial), so im guessing you can just brute force it within 7 seconds (maybe 2), then spam user names until the 7 seconds are up. I'm currently testing this theory.

msemple1111 avatar Jan 26 '17 16:01 msemple1111

You could have the user input the code then spam for 7 seconds, then have them answer it again

KyrneDev avatar Jan 26 '17 17:01 KyrneDev

It takes the user (me) around 5-8 seconds for me to answer the code and kahoot confirm its correct. I think that it would be impractical to spam for only 2 seconds before having to enter the code again.

msemple1111 avatar Jan 26 '17 17:01 msemple1111