LEFT SIDEBAR AD

Hidden in mobile, Best for skyscrapers.

User Enumeration

1 year ago 98
BOOK THIS SPACE FOR AD
ARTICLE AD

A helpful exercise to complete when trying to find authentication vulnerabilities is creating a list of valid usernames, which we’ll use later in other tasks.

Website error messages are great resources for collating this information to build our list of valid usernames. We have a form to create a new user account if we go to the Acme IT Support website (http://MACHINE_IP/customers/signup) signup page.

If you try entering the username admin and fill in the other form fields with fake information, you’ll see we get the error An account with this username already exists. We can use the existence of this error message to produce a list of valid usernames already signed up on the system by using the ffuf tool below. The ffuf tool uses a list of commonly used usernames to check against for any matches.

user@tryhackme$ ffuf -w /usr/share/wordlists/SecLists/Usernames/Names/names.txt -X POST -d “username=FUZZ&email=x&password=x&cpassword=x” -H “Content-Type: application/x-www-form-urlencoded” -u http://MACHINE_IP/customers/signup -mr “username already exists”

In the above example, the -w argument selects the file's location on the computer that contains the list of usernames that we're going to check exists. The -X argument specifies the request method, this will be a GET request by default, but it is a POST request in our example. The -d argument specifies the data that we are going to send. In our example, we have the fields username, email, password and cpassword. We've set the value of the username to FUZZ. In the ffuf tool, the FUZZ keyword signifies where the contents from our wordlist will be inserted in the request. The -H argument is used for adding additional headers to the request. In this instance, we're setting the Content-Type to the webserver knows we are sending form data. The -u argument specifies the URL we are making the request to, and finally, the -mr argument is the text on the page we are looking for to validate we've found a valid username.

The ffuf tool and wordlist come pre-installed on the AttackBox or can be installed locally by downloading it from https://github.com/ffuf/ffuf.

Resourses : tryhackme

Read Entire Article
  3. User Enumeration

Related

How to baypass scaping filter(\)

How to baypass scaping filter(\)

How We Prevented a Mass Breach On One OF The Biggest CryptoCurrency Gateways On A Web3 Platform.

How We Prevented a Mass Breach On One OF The Biggest CryptoCurrency Gateways On A Web3 Platform.

The Ultimate Guide to CISSP’s Eight Security Territories

The Ultimate Guide to CISSP’s Eight Security Territories

Unraveling the Nuances of 403 Bypass: Strengthening Web Application Security

Unraveling the Nuances of 403 Bypass: Strengthening Web Application Security

Private Interact.sh server setup with a web dashboard

Private Interact.sh server setup with a web dashboard

Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In an Educational Site

Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In an Educational Site

Trending

1. Gurucharan Singh
2. Delhi Arvind Kejriwal
3. Rathnam Movie Review
4. Tech Mahindra
5. NBSE Result 2024
6. Tejasvi Surya
7. HUDCO share price
8. Bajaj Finance share price
9. Laapataa Ladies
10. Yodha

Popular

1-click RCE in Electron Applications

1-click RCE in Electron Applications

Install waybackurls on Kali Linux

Install waybackurls on Kali Linux

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Install DalFox on Kali Linux

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

SketchUp Pro 2020 v20.2.172 (x64) Multilingual + Patch

SketchUp Pro 2020 v20.2.172 (x64) Multilingual + Patch

BOOK THIS SPACE FOR AD
RIGHT SIDEBAR BOTTOM AD
Bengali (Bangladesh) Bengali (Bangladesh) · English (United States) English (United States) ·
About Us · Terms & Condition · Contact Us
© Security Alert 2024. All rights are reserved