Zoom Conference scanner.
This scanner will check for a random meeting id and return information if available.
This are all the possible flags:
tangalanga -token=user-token # [default: env TOKEN] user token to use. -colors=false # [default: true] enable/disable colors -censor=true # [default: false] censors output -output=history # [default: stdout] write found meetings to file -debug=true # [default: false] show all the attmpts -tor=true # [default: false] enable tor connection (will use default socks proxy) -hidden=true # [default: false] enable embedded tor connection (only linux) -rate=7 # [default: ncpu] overwrite the default worker pool -proxy=socks5://... # [default: socks5://127.0.0.1:9150] proxy url to use
Unfortunately I couldn’t find the way the tokens are being generated but the core concept is that the
zpk cookie key is being sent during a Join will be usable for ~24 hours before expiring. This makes trivial to join several known meetings, gether some tokens and then use them for the scans.
TOR (only linux)
Tangalanga has a tor runtime embedded so it can connect to the onion network and run the queries there instead of exposing your own ip.
For any other system I recommend a VPN