path: root/Brute force password guessing/Resources/notes.md
Diffstat (limited to 'Brute force password guessing/Resources/notes.md')
-rw-r--r-- Brute force password guessing/Resources/notes.md | 16
1 files changed, 16 insertions, 0 deletions
diff --git a/Brute force password guessing/Resources/notes.md b/Brute force password guessing/Resources/notes.md
new file mode 100644
index 0000000..f13b4e4
--- /dev/null
+++ b/Brute force password guessing/Resources/notes.md
@@ -0,0 +1,16 @@
+## Exploit
+
+[https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/04-Authentication_Testing/07-Testing_for_Weak_Password_Policy](OWASP: Testing for weak password policy)
+
+1. Found an email in a hidden `<input>` tag in the **Recover Password** page: `webmaster@borntosec.com`
+1. Got a list of common passwords to test from [https://github.com/duyet/bruteforce-database/blob/master/38650-password-sktorrent.txt](here)
+1. Made a `brute_force.bash` script to brute force the login
+
+If you're getting false positives with `brute_force.bash` use a smaller `BATCH_SIZE`.
+
+## Fix
+
+- 2FA
+- Strong password policy
+- Forbid password reuse
+- Password aging
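Review bot: The two Markdown links on the `+[https://owasp.org/...](OWASP: ...)` and `+[https://github.com/...](here)` lines have the link text and the URL swapped, so the rendered link text is the raw URL and the target becomes a broken relative path such as `OWASP: Testing for weak password policy`. Markdown expects `[text](url)`; suggest `[OWASP: Testing for weak password policy](https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/04-Authentication_Testing/07-Testing_for_Weak_Password_Policy)` and likewise `[here](https://github.com/duyet/bruteforce-database/blob/master/38650-password-sktorrent.txt)`. Under `## Fix`, the list names password-quality controls but omits the mitigations that directly limit online guessing, namely rate limiting or progressive delays on failed logins and a lockout or CAPTCHA threshold per account; since the exploit section describes a batched brute-force script against the login form, consider adding those, and note that the "If you're getting false positives ... use a smaller `BATCH_SIZE`" line is operational advice for the attack script rather than a finding and would read better next to the script itself or in its own usage comment.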