A tale of stealing from Chinese boosters and win-trading accounts.
These materials are for educational and research purposes only. Do not attempt to violate the law with any of the material contained here. Do not use this information maliciously. I can not be held responsible for any error or negligence derived therefrom, you use it at your own risk.
In this post I'm going to show you guys how to "borrow" boosted level 30 accounts with an on average 23% success rate.
The main way to obtain accounts are from boosting sites or leaks. From some light scraping i've been able to identify over ~4ooo Riot accounts leaked in the wild. However boosting sites can be quite fruitful due to their poor security and high volume of IDORs. For example, some sites let you more or less see everyones orders. This is one of the many ways you can obtain a league of legends accounts.
Now you have credentials you'll go ahead and sign into riots https://www.riotgames.com. Our goal is to identify the email address associated to the account through Riot's ticketing systems and hope that the user has password reuse on their email account essentially giving you the 2FA codes.
Now that we've logged in as seen below you'll want to head over to "Settings".
This will prompt the following window in which you will need to enter the accounts password once more.
Here is where you might hit a brick wall. If you're not redirected to the accounts settings page you'll be presented with the following image.
To obtain this code you'll need access to that accounts email. So you have no way of knowing what email that account is tied too. Additionally, the full email shown in the image above is truncated. To obtain the accounts email you will need to head over to https://support-leagueoflegends.riotgames.com/hc/en-us/requests.
There might be a chance that the account in question has old tickets dating from years back as seen below.
If not, you will need to create a "General Question" ticket. If you submit any other type of ticket such as a "Ban or Restriction" then that account will be locked by support as those processes seem to require a long list of additional identifying information. It genuinely doesn't matter what you ask here, the only goal is to have the account create a ticket.
Once you have a ticket created, since they're using Zendesk simply open the ticket and view the source of the page. At the complete bottom you'll find the email tide to that League of Legends account.
And now if you attempt to login to that accounts email (depending on the email provider) with the same password as the league account you might be surprised with the result's.
Lastly I just wanna say a gentle fuck you to Riot Games for perpetually banning my bot farm and permanently banning my GrandMaster account because I couldn't remember the email tied to that account while submitting a support ticket to identify my accounts email.
Article Link: Hijacking League of Legends Accounts