.png)
1 year ago
93 BOOK THIS SPACE FOR AD
ARTICLE ADMultiple Credentials Per Request - PortSwigger Lab Walkthrough
Lab 6 - Broken brute-force protection, multiple credentials
Level: Expert
Description of Lab:
This lab is vulnerable due to a logic flaw in its brute-force protection. To solve the lab, brute-force Carlos’s password, then access his account page.
Victim’s username: carlos
Here, the username and password are supplied in JSON format.
This allows us to try passing multiple passwords at once using the basic JSON format. As we know that the victim’s username is carlos, Let’s now try all the possible passwords passing them in the request.
Now let’s make the password array using basic bash. And the format should be:
{username:"carlos",password:["password1", "password2", "password3", "password4", ...]}
This was my first try, But we can do better.
Exactly how we needed it (except for the comma at the end).
We now have our request ready for attack.
And we’re logged in as you can see in the response side.
Congratulations, We’re done with one more lab!
Follow me for more such content as it keeps me motivated for writing such detailed walk-through.
Bengali (Bangladesh) · 
English (United States) ·