Lab 7 : Brute forcing To Gain Access
I began by going to the login page and sending the request when I entered a username and password into Burpsuite
After this then I sent it into intruder and gave it the word list of usernames that was provided and got the username announce.
After doing this I sent the request again to Burpsuite and put a wordlist of the password and looked for a different length in the Intruder page.
As can be seen, the hunter password has a different length which means there has been a change.
Now when i look at the status it is a 300 which means it is a redirect.
Now I plugged in the username and password and got in.
Comments
Post a Comment