Why is it asking me to get the account's cookie (ROBLOSECURITY) and CSRF token?
How do I find the account's cookie (ROBLOSECURITY) and CSRF token?
Can you use this on another accounts you don't have access to?
[i] 10/12/2020 - added colorama to BrutePin and an option to read the cache (broken rn, answer the first issue if you want, considered beta for now)
[i] 10/13/2020 - added requirements.txt for people to install modules needed for this to run
It's a ROBLOX pin bruteforcer that tries every possible 4 digit pins in order to unlock whatever you want to do in its account. This is made by Tangly.
This is because it would require both of those in order to get the bad boy going. CSRF token is used for preventing anyone to perform CSRF attack on a victim. CSRF is an attack where someone sends a request the web application trusts to the victim, then the victim accepts the request, and someone gets the info.
You open up inspect element, open Network tab, and try to enter in some random pin, then find the unlock request, you will see this.
Then look for the cookie and x-csrf-token in request headers.
Copy its contents and paste them to whatever question it's asking for.
Common sense, no, you can't.
Made by Tangly <3
with help of pr0xy1337