Notice: _load_textdomain_just_in_time işlevi yanlış çağrıldı. Translation loading for the perfect-portfolio domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Ayrıntılı bilgi almak için lütfen WordPress hata ayıklama bölümüne bakın. (Bu ileti 6.7.0 sürümünde eklendi.) in /home/margheri/public_html/wp-includes/functions.php on line 6121
Writeup: Broken brute-force protection, multiple credentials per request Aleyna Doğan

Aleyna

Portswigger Lab

Writeup: Broken brute-force protection, multiple credentials per request

updated on

Lab link.

When we send the request, we see that it goes in JSON format and if we make a certain number of mistakes, we are blocked from IP.

By sending more than one password in the JSON structure, we can achieve a successful login. We bring our passwords to JSON structure with Sublime text editor.

We obtain the successful input and right-click on the response, copy and paste “show response in browser” into the browser.

More Lab
Tags :

Bir yanıt yazın

E-posta adresiniz yayınlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir