Before I spill the secret, Let me tell you how it all started...

At the beginning of our college days, we were made to sit in an auditorium surrounded by unfamiliar faces, listening to boring speeches and all. That night, I had a dream that somehow I got access to the college database and discovered everyone's names, images, dates of birth, phone numbers, etc. It was a funny thought, and I couldn't help but wonder if it was possible in real life.

Well, well fast-forward to today, I actually got all the student's data from the college portal. Before I explain how I got it, let me tell you First, I don't have any intention of misusing any data. It is their personal information and I completely respect it.

So our college has a student/parent portal that any student can access using their Unique Student Number (USN) and date of birth as a password, which allows us to track test grades and attendance records to exam results, the portal has it all.

Now if a person knows anyone's USN and DOB he can quickly check all his details using that portal. All you need is date of birth to access the information, so you have to crack the DOB by the simple Brute force method.

Brute force attacks are a method of trying multiple combinations of login credentials until the correct one is found. In this case, I wrote a python program that will try all the combinations of dates till it unlocks the portal. Here is a demo of continuous automated inputs on the website.

How it works:

1. The USN is stored, and The first step is to enter it. This will serve as the starting point of our brute force attack.

2. Year of birth calculation: From the year in USN, the program calculates the most probable birth year by subtracting 18 from it. If USN is 1MS21CS001 it takes 21 and 21-18 is 3, so the birth year is likely to be 2003 if not it checks subsequent to it.

3. Brute-forcing the DOB: Next, the program begins to input, trying every possible combination of month and date within the year of birth until the correct DOB is found.

4. Success message: Once the correct DOB is found, the program displays the Name and DOB of the student.

5. As mentioned earlier, if you have the DOB you get access to all the information.

It's important to remember that using this method to access confidential information is illegal and unethical. For the same reason, if College finds out doing this, they can take strict action against the student. The purpose of this blog is just to demonstrate the power of programming using Python. On the other hand, I am trying to prove how easy it is to do this. I am also writing a letter to the college to fix this as soon as possible.

And there you have it! With just one program, you now have the power to get all the information about your classmates from the college portal. But, please remember to use this knowledge responsibly and for educational purposes only.

Disclaimer: Before you start envisioning yourself as a detective hot on the trail of your friends or crush, I remind you that this tool is only accessible on demand. And just in case you were wondering, stalking is never cool, no matter how much that little voice in your head says otherwise. 😁

A very special shoutout goes to Amith, who played a crucial role in the development of this tool. Amith's expertise and knowledge made the program run smoother and more efficiently. Thanks to Amith (The Optimizer), I was able to create this tool that is both effective and fast.

Thank you for reading this blog 😊.

Here is the website Link: https://dob-finder-sis.streamlit.app/

DM me for the code.

Contributors: Amith M & Shravan