Notice that each request received a response with a 200 status code except for one, which got a 302 response. ![]() When the attack is finished, look at the Status column. On the Payloads tab, clear the list of usernames and replace it with the list of candidate passwords. Username=identified-user&password=§invalid-password§ The result should look something like this: Add a payload position to the password parameter. Click Clear, then change the username parameter to the username you just identified. Make a note of the username in the Payload column.Ĭlose the attack and go back to the Positions tab. Notice that other responses contain the message Invalid username, but this response says Incorrect password. Compare the response to this payload with the other responses. Notice that one of the entries is longer than the others. You can click on the column header to sort the results. When the attack is finished, on the Results tab, examine the Length column. Under Payload settings, paste the list of candidate usernames. On the Payloads tab, make sure that the Simple list payload type is selected. Make sure that the Sniper attack type is selected. Leave the password as any static value for now. This position is indicated by two § symbols, for example: username=§invalid-username§. ![]() Notice that the username parameter is automatically set as a payload position. In Burp Intruder, go to the Positions tab. Highlight the value of the username parameter in the request and send it to Burp Intruder. In Burp, go to Proxy > HTTP history and find the POST /login request. With Burp running, investigate the login page and submit an invalid username and password.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |