MDPin is a server and a website. It contains an UI to fake an Android login screen to steal their pin code. It works via a web browser, by going fullscreen.
When the user reaches your webpage, and they try to click on a button (Eg. A fake “Connect to wifi” button), it will trigger fullscreen and launch an interface which tries to mimic as close as possible Android’s login screen.
They will be prompted to slide up and enter their password. The password is sent to you by the webpage (which you are hosting) to the Server (which you are hosting too). After then, there is an unlock animation, and the user will be redirected to https://www.google.com thinking their device just unlocked.
MDPin now includes a web server to serve the website which makes the Interface. The website will call the Server, which retrieves the device model as well as the collected Password Pin. However, you can also host it yourself on a different server. It can be anything: eg. Wamp, Apache2, Httpd or even an ESP8266/32. All the static files to be served are in the static folder.
Download Link:- https://github.com/bastien8060/MDPin