README

1. Tangalanga
2. Zoom Conference scanner.
3.  
4. This scanner will check for a random meeting ID and return information if available.
5.  
6.  
7.  
8. Install
9. First try to see if there's any prebaked version for the date: https://github.com/elcuervo/tangalanga/releases.
10.  
11. This versions already have a token ready to use.
12.  
13. Either way, you can find the Windows, Linux, and Mac versions on Releases https://github.com/elcuervo/tangalanga/releases.
14.  
15. Download, uncompress, and enjoy.
16.  
17. Usage
18. These are all the possible flags:
19.  
20. tangalanga \
21.     -token=user-token \   # [default: env TOKEN]  user token to use.
22.  
23.     -colors=false \       # [default: true]    enable/disable colors
24.     -censor=true \        # [default: false]   censors output
25.     -output=history \     # [default: stdout]  write found meetings to file
26.     -debug=true \         # [default: false]   show all the attempts
27.     -tor=true \           # [default: false]   enable tor connection (will use default socks proxy)
28.     -hidden=true \        # [default: false]   enable embedded tor connection (only Linux)
29.     -rate=7 \             # [default: ncpu]    overwrite the default worker pool
30.  
31.     -proxy=socks5://... \ # [default: socks5://127.0.0.1:9150]   proxy URL to use
32.  
33. Tokens
34. Unfortunately, I couldn't find the way the tokens are being generated but the core concept is that the zpk cookie key is being sent during a Join and will be usable for ~24 hours before expiring. This makes it trivial to join several known meetings, gather some tokens, and then use them for the scans.
35.  
36. Tokens can be sniffed after a joint attempt at a meeting. This means that to "fish" a token you'll need a setup that can sniff traffic and also spoof certificates.
37.  
38. Using Wireshark, Charles or any other of the ssl-proxying-capable tools out there will do the trick.
39.  
40. TOR (only Linux)
41. Tangalanga has a tor runtime embedded so it can connect to the onion network and run the queries there instead of exposing your own ip.
42.  
43.  
44.  
45. For any other system, I recommend a VPN
46.  
47. Why the bizarre name?
48. This refers to a famous 80s/90s personality in the Rio de la Plata. Doctor Tangalanga (read more at https://en.wikipedia.org/wiki/Dr._Tangalanga) loved to do phone pranks.