Logical Exploits Of Brute Force, Password Recovery 2023

By XiaoXin

Brute Force / Credential Stuffing 

First, if there is no verification code or the verification code can be bypassed, try to log in to the account 5 or 10 times to check whether the target account gets banned. If there is no ban rule, the brute force can continue. Besides brute forcing account passwords, for some shopping malls, applications, governments, and schools, credential stuffing is used to determine whether an account exists (this requires preparing various dictionaries: mobile phone numbers, email addresses, names).

Password Recovery

  1. Recover the password by email: visit the reset link, enter the new password, and capture the request on submission. Although the request carries a token, the user ID can still be modified directly, which changes another user's password.
  2. Recover the password using another person's mobile phone number: capture the request, replace the other person's phone number with your own, obtain the verification code, and change the password after submitting it.
  3. Recover the password using your own mobile phone number: capture the request after obtaining the verification code, change the user ID in it to another person's account ID, and the other person's password is changed on submission.
  4. Recover the password by email: change the user ID in the URL link to someone else's and keep the email unchanged. The link then binds your own email to the other person's account, after which the password can be recovered through that email.
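
A server-side check that closes the cases above, as an added example that is not part of the original article: every reset token and verification code is bound to one account when it is issued, so a user ID or phone number edited in the captured request is rejected. The class, its method names and the in-memory stores are assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

class ResetService:
    """Illustrative only: in-memory stores stand in for a database and SMS gateway."""
    TTL = 600  # seconds a token or code stays valid

    def __init__(self, phones):
        self.phones = phones    # user_id -> phone number on file
        self.passwords = {}     # user_id -> new password (a real store keeps a hash)
        self._tokens = {}       # sha256(token) -> (user_id, expiry)
        self._codes = {}        # user_id -> (code, expiry)

    def issue_token(self, user_id):
        token = secrets.token_urlsafe(32)
        digest = hashlib.sha256(token.encode()).hexdigest()
        self._tokens[digest] = (user_id, time.time() + self.TTL)
        return token            # goes into the emailed link

    def reset_with_token(self, token, claimed_user_id, new_password):
        digest = hashlib.sha256(token.encode()).hexdigest()
        owner, expiry = self._tokens.pop(digest, (None, 0))  # single use
        if owner is None or expiry < time.time():
            return False
        if claimed_user_id != owner:   # user ID edited in the request or link
            return False
        self.passwords[owner] = new_password
        return True

    def send_code(self, user_id):
        # The destination is the number on file; a phone field in the request is never read.
        code = f"{secrets.randbelow(10**6):06d}"
        self._codes[user_id] = (code, time.time() + self.TTL)
        return self.phones[user_id], code   # returned here instead of sending an SMS

    def reset_with_code(self, claimed_user_id, code, new_password):
        # Codes are keyed by account, so a code issued to one user fails for another.
        stored, expiry = self._codes.pop(claimed_user_id, ("", 0))  # one guess per code
        if not stored or expiry < time.time():
            return False
        if not hmac.compare_digest(stored.encode(), code.encode()):
            return False
        self.passwords[claimed_user_id] = new_password
        return True

if __name__ == "__main__":
    svc = ResetService({"alice": "+10000000001", "mallory": "+10000000002"})  # constructed data
    _, code = svc.send_code("mallory")
    print(svc.reset_with_code("alice", code, "x"))   # code issued to another account
    print(svc.reset_with_token(svc.issue_token("mallory"), "alice", "x"))  # edited user ID
```

Discarding the token or code on the first failed check also caps guessing at one attempt per issued secret, which complements the lockout rule discussed under brute force.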