Forum Discussion

Bronze III

2 months ago

Solved

Web server brute force authentication: Ep. 1 - Compromising an account

Pentesting is not part of my job. If I tried using any of these tools in the real world I would be fired or put in jail. With that as an introduction ... I have no idea what I'm supposed to do...

help & support

barney
26 days ago
The ask is summarized as: "In this lab, you'll be tasked with finding an HTTP administrator panel that's running on a non-standard port number. Once you've located the port, you'll need to perform a brute force attack against any login pages you find to gain access to the token."

Suggested plan of attack:
nmap to identify port
hydra to brute force admin panel with provided creds.

HTH

barney

Bronze III

26 days ago

The ask is summarized as: "In this lab, you'll be tasked with finding an HTTP administrator panel that's running on a non-standard port number. Once you've located the port, you'll need to perform a brute force attack against any login pages you find to gain access to the token."

Suggested plan of attack:
nmap to identify port
hydra to brute force admin panel with provided creds.

HTH

Forum Discussion

Web server brute force authentication: Ep. 1 - Compromising an account

Featured Places

Help & Support Forum

Related Content

How to Register Your Account

copy-paste-compromise-malicious-documents-analysis

Delete Cyber Million Account

Immersive account vs. Community account

Do I need to create account with Hyperion.corp to access the labs?

Recent Discussions

Investigating IAM Incidents in AWS: Preparation

C++ Stack Overflow Purple Belt

Guardduty: configuration and understanding findings lab not generating findings

Snort Rules: Ep.9 – Exploit Kits

ICS Malware: Triton ModuleNotFoundError: No module named 'pefile