Hey guys, so I think this would be one of the most awaited blogs as it’s on a topic that we all are interested in. This blog is not just on phone number to google account trick, but it’s a kind of my methodology I follow for phone number osint.
Let’s start with what we can do if we have just a phone number.
As an Indian, I directly search on truecaller first, what it gives me?
- Name (Most of the time it’s a real name)
- Profile pic
- Gmail (In many cases, it’s only for gold members but I use a mod)
- Direct link to open a chat with that number on WhatsApp
As being a learner in osint, it’s easy for me to guess if the data given by truecaller is right or if it’s a false positive. Because it can be a false positive too so we can’t totally trust it.
For Finding the real name?
- Check the truecaller name
- Check the name displayed on the WhatsApp profile of that number
- Check the name on Gmail if truecaller shows it
- phone number to google account trick
Now, what next?
Pay close attention to the pics which you can grab via the following ways -
- Profile pic displayed by truecaller
- Whatsapp profile pic
- Profile pic on google account
So, once I check that number on truecaller, I next go to the telegram, i try to add that number as a contact, if it’s on telegram, telegram will display that this number is not on telegram, invite them blah blah blah…
But if it got added, go to their telegram profile, delete them as a contact while staying on their profile, and now check what their name displayed on telegram, What’s the profile pic, and what the username is.
Now, if they have any username, I parse that username to any username enumeration tool like holehe , sherlock, etc. What’s my favorite? Will reveal it soon on Twitter, follow me there.
Let’s now come back to the phone number, what if truecaller doesn’t give you Gmail, don’t worry we have a trick.
- Go to incognito mode, log in using any google account, and then log out. Now, click on add another account, and parse the victim’s phone number.
- If their is any google account associated with it, it will show you as shown in the pic, so just right-click and click on view source code.
- Now on the source code page, click ctrl+f and you will see the search box. Enter base-js in the search box.
The number shown 3 lines above of base-js is gaid as you can see in the picture.
- Either search in ghunt by using gaid for more info or open the link below by replacing the gaid with the id you have got.
https://www.google.com/maps/contrib/<gaid-here>
That’s it, in this way, you will get the google account name, his profile pic, and if he has done any review. You can utilize this data for gathering more intel.
What more in my toolset -
- epieos.com - Helps you in finding data from emails like name, profile pic, gaid, maps data, and list of a few popular websites the email is registered on.
- Ghunt - Check out my recent writeup on ghunt. https://hacklido.com/blog/260-ghunt-20-gmail-osint-guide-part-1
- Phoneinfoga - Features
- Check if the phone number exists
- Gather basic information such as country, line type and carrier
- OSINT footprinting using external APIs, phone books & search engines
- Check for reputation reports, social media, disposable numbers and more
- Use the graphical user interface to run scans from the browser
(These features are listed on the official GitHub repo, I stopped using this tool now but you guys should try.)
https://github.com/sundowndev/phoneinfoga
- Search the number in google search as “919999******”, many times it gives you useful information.
So, guys, that’s it for today. See you soon in another blog.
Follow me on Twitter if you liked this blog and feel free to ask if you have any doubts on Twitter or in the discussion.
https://twitter.com/Dheerajydv19