A certain messaging app with 2FA has locked me out after mistakes of my own making. It looks hopeless form the outside, but something intrigues me. I know my login, but the 2FA App that it wants to to use (Google Authenticator) has been removed. Thus I have no way to know what the code actually is. However, it is that it still is taking requests. In other words, I have unlimited attempts to guess just this six digit code. I have never run into limits in the myriad incorrect attempts I have had, which leads me to my question for this sub: which software best for brute forcing a six digit 2FA verification code?

I’ve heard about various options: Jack the Ripper, Dave Grohl, etc. My question is what, if any, is recommended specifically for br*te forcing a six digit code, rather than a password. Ostensibly a far easier process. Again, the username and password are already known.

The current sequence is as follow: login screen => correct email and password => enter the six digit code from authentication app =>login access granted. I currently only need help with the last step.

Feel free to DM any advice you wish not to disclose publicly. Thanks.

Note: This is for MY OWN account that I am now locked out of. Thus, I have no reservations about acquiring a means to ultimately retrieve my own information. I fully believe that this information is ultimately mine before that of the company in charge of this messaging app. Therefore, spare me any “you shouldn’t be doing this” comments. Rather, I would argue ardently, that all end users are entitled to their data that they provide at the of the day. End of discussion.