Walk-Through of Bepractical.tech lab #3


Today I am going to walk through bepractical.tech Lab #3. I have found this site to be especially helpful and enjoyable. I look forward to trying more of its content as/if it becomes available. I am new to ethical hacking and would really like to help out others while learning. I am using Firefox and BurpSuite Pro in Kali Linux. This will not include any information on how to set up and use BurpSuite. I am not a professional. Just trying to learn like you.

Starting at the login page, we can sign in with the same account we made in lab #2 or make a new account.

Try signing in to see if it works.

Success logging in as regular user

At this point, I played around with BurpSuite. I tried various ideas learned from lab #1 and lab #2 with no success.

Time to stop messing around and test functionality. Let’s check the “Forgot Password” function by inputting our email.

Before we “click” send, open up BurpSuite and intercept the request.

Notice the format used is JSON. I know very little about this topic, so I am following what I found in my research.

Since we know we are going to want to access the admin account let us change the email address in the browser first, so we don’t forget.

Let us alter the code to what is shown in the screenshot below (learned from YouTube). Now right-click, “Do Intercept / Response to this Request”.

We “Forward” the request and receive a response: “200 OK”

Response

Now check our inbox to get the code.

Paste the code where prompted

and….

AdminAccount…HACKED!!!
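The defender's side of this walkthrough, as an added example that is not part of the original post or the lab's code: a forgot-password handler that accepts only one exact JSON shape and sends the code only to the address stored on the account. The altered request body is not shown on this page, so the handler, the account store and the `lab.example` addresses below are hypothetical.

```python
import json
import secrets

# Constructed account store for this example: the address on file per account.
ACCOUNTS = {"admin": "admin@lab.example", "user": "user@lab.example"}


class RejectedRequest(ValueError):
    """The reset request body is not exactly the expected shape."""


def _unique_keys(pairs):
    # json.loads keeps the last duplicate key by default; refuse them instead.
    keys = [k for k, _ in pairs]
    if len(keys) != len(set(keys)):
        raise RejectedRequest("duplicate key in JSON body")
    return dict(pairs)


def parse_reset_request(raw_body: bytes) -> str:
    """Return the one requested address, or raise RejectedRequest."""
    try:
        body = json.loads(raw_body, object_pairs_hook=_unique_keys)
    except RejectedRequest:
        raise
    except ValueError as exc:  # malformed JSON or bad encoding
        raise RejectedRequest("body is not valid JSON") from exc
    if not isinstance(body, dict) or set(body) != {"email"}:
        raise RejectedRequest("body must be an object with only 'email'")
    email = body["email"]
    if not isinstance(email, str) or email.count("@") != 1:
        raise RejectedRequest("email must be a single address string")
    if any(ch in email for ch in ",;<> \t\r\n"):
        raise RejectedRequest("email contains separator characters")
    return email.lower()


def issue_reset(raw_body: bytes, outbox: list) -> bool:
    """Queue a reset code; the recipient is always the address on file."""
    requested = parse_reset_request(raw_body)
    for account, on_file in ACCOUNTS.items():
        if on_file == requested:
            outbox.append((account, on_file, secrets.token_urlsafe(16)))
            return True
    return False  # unknown address: nothing sent, client sees the same reply


if __name__ == "__main__":
    outbox = []
    issue_reset(b'{"email": "user@lab.example"}', outbox)
    print([(acct, to) for acct, to, _ in outbox])
```

The recipient is read from `ACCOUNTS`, never copied from the request, so a tampered body can at most select which account receives its own code.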
