[ACADEMY] Broken Authentication

I am about to give up on this module. I’m stuck on page 5 “Weak Bruteforce Protections” and can’t answer question 2: “Work on webapp at URL /question2/ and try to bypass the login form using one of the method showed.” Hint: “This web server doesn’t trust your IP!”.

I get the hint and used the method described in the section to change what my IP looks like in the header. I rewrote the provided python script several times, tried with hydra and ffuf, but I don’t find anything. I worked on the scada cvs to make it work with the script, used rockyou and several of the default credential lists of SecLists.

Can anyone give me a hint? This is really frustrating.

1 Like

Ok, I got it to work. The user and password doesn’t matter at all. You can just use curl.

@iougiri could you give me some help pls? I have the same problem and I’m getting crazy because I think it’s a simple thing and I can’t find it. The tip from what I understand refers to the X thing but nothing works

You’re on the right track with the X thing. I sent you a DM.

Have also tried the X thing in combination with the hint but without success… Can anyone give me another hint?

I hope this doesn’t spoil too much, but I know how frustrating it was for me. So for everyone having the same problem my hint is: The server only trusts itself.

6 Likes

I see…! crazy, haha you should read this link as below: https://www.w3schools.com/HTML/html\_entities.asp interested in the special symbol! you will get more confused with the “Predictable Reset Token” section, question 1, :))

Anybody here, who can give me a nudge on the first assignment “Brute Force attack”. I think I have a good working Python script and tried with al available credentials files, but maybe I am missing one. Please respond.

Type your comment> @andrevanm said: > Anybody here, who can give me a nudge on the first assignment “Brute Force attack”. I think I have a good working Python script and tried with al available credentials files, but maybe I am missing one. Please respond. Thanks to Satellite was able to solve it.

Lmk when you get to “predictable reset token”, question 1. I can’t figure it out

I’m stuck on the skills assessment. Any tips?

Yep, now I’m there haha this module is wrecking me. I’ve added the header and used the server IP but still getting nothing. Are we still meant to be using the S*ad* .c*v? I think my data processing needs work if that’s the case.

Hi I know this was absolutely ages ago but do you remember any more details about the command and specifics?

Hi! Did I understand you correctly that there is no need to use a list of words/passwords in this task?
Everything can be done through the curl command?
Right?
Thanks.

Hi, I tried everything mentioned above, but still no result. Please help.

I tried everything (python script with all different wordlists, curl, burp etc.) Everything with X-Forwarded-For: etc. Please help. Thanks in advance, blizco

I finally figured out what it means.
I found an ip address which indicates the server itself.

Hey man. If you haven’t got this yet, you really need to look for IP addresses the server will trust. It only trusts itself…the IP is local to the server.

1 Like

i’m stuck on Broken Authentication Login - User inference in question2 could you give me some hint?

What I have tried:

  1. exporting a curl command from my browser
  2. Changing the following headers to the target address
  • X-Forwarded-For , Origin , Referer
  1. trying POST and GET verbs
  2. send with and without PW data

Please can someone put me out of my misery and tell me what I am missing ? :relieved: