MailBot by Tavel — email accounts creator, checker and unlocker

MailBot has been updated to version 15.68.

Outlook/Hotmail

Activation of two-factor authentication (2FA) in accounts via TOTP has been implemented. After successful activation, a secret key will be stored along with the account data, which has the following form: 3hmkerjjj6cw7kfi3

It is absolutely not necessary to use the Microsoft/Google Authenticator app to get the code from this key, on the “Email features” tab in MailBot there is a completely similar code generator, which opens by clicking on the “TOTP…” button.

Without a secret key, it will still be possible to get into the account using, for example, a recovery email, in this case you need to click on the “Sign in another way” link on this form:

Despite this, it is strongly not recommended to uncheck the “OTP secret key” box on the “Export” tab, since TOTP is the fastest and most stable confirmation method.

The checker can now also bypass 2FA via TOTP if the account string has a secret key. If there is no secret key, but there is a recovery email with a password, the checker will still be able to authorize in the account by receiving an email with a confirmation code.

Attention! So far 2FA activation is implemented only after adding a recovery email to the account. Activation after phone number verification is planned in the next versions of MailBot.

Attention! After enabling 2FA in your account, it becomes possible to authorize via POP3/IMAP/SMTP only with app password, so this password is created automatically and saved along with the account data.

The application password looks like this: lbtmyfqaycrgsvxn
It is easy to confuse it with the TOTP secret key, however, the application password does not contain numbers, so they can be distinguished by this feature.

When working with FunCAPTCHA, the creator and unlocker can now parse the “blob” value and correctly pass it to solve FunCAPTCHA in the 1st CAPTCHA, Underdog CAPTCHA, CapSolver and CapMonster Cloud APIs.

The creator also now checks the account username format before starting the registration process. This has drastically reduced the number of accounts created by phone number that failed to create the mailbox itself due to an incorrect username format.

Also implemented:

• handling by the checker of the “Your security info change is still pending” form
• canceling an attempt to unlock an account if you need to receive an SMS to a specific phone number or a letter to a recovery email address from a temporary service (without IMAP access)

Fixed:

• activation of email features after successful account unlocking using phone verification
• ESignupError after successful account creation by phone number

Yahoo/AOL.com

Recovery email verification has been implemented in creators and checkers, and avatar uploading to accounts has been fixed.

Mail.com

Fixed persistent error of incorrect CAPTCHA code.

GMX.com

Removed the mandatory requirement of recovery emails.

GMX.de/Web.de

Checkers have learned to identify accounts with PushNotificationObligation blocking type.

Inbox.lv

Fixed creator.

Yandex

Fixed:

• app passwords creation in the creator and checker
• account profile completion by creator

Meta.ua

Fixed:

• checker detection of valid accounts
• infinite reCAPTCHA solution by checker

I.ua

Fixed error detection in Ukrainian.

Also implemented in MailBot 15.68:

• EzCaptcha API support
• added Google Chrome 118 fingerprints
• TOTP code generator form now allows you to insert/enter a secret key with spaces

Fixed:

• emails search via IMAP for some email providers, for example, gazeta.pl
• /LSApass command line option has been renamed to /apppass

автор tavel \\ теги: 2FA, AOL, funcaptcha, GMX.com, GMX.de, I.UA, IMAP, LSA, Mail.com, MailBot, Meta.ua, Outlook, TOTP, Web.de, Yahoo, avatar, unlocker, recovery email, checker, Yandex