
brute-forcing-base64'd user+pass

When we want to brute-force a login but find that the web server uses basic authentication, which Base64-encodes the username and password joined by a separator like ':', we can use Burp to do this.

e.g.

rupert:password


Go to Intruder and keep with Sniper.

Select "Custom Iterator"

Under Position 1, add the word or words, depending on whether we know the username or not.

Then, in the "Separator for position 1" box, add the separator used, so in most cases ':'.






Next, change the drop-down under "Payload Options [Custom iterator]" to 2.

Next, add the word lists of words you want to try, or just the password if you know it and are trying to work out the username.

If you are using a large list it will take a while, so just be patient.

Next, add a new rule for payload processing: select "Encode" --> "Base64-encode".






Now run it :-)
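Seen from the server side, the traffic this produces is a run of `Authorization: Basic` headers that decode to many different `user:password` pairs, each answered with a 401. The following is an added example, not part of the original post, that decodes those headers and flags sources sending several distinct rejected pairs; the function names, the threshold and the sample records are assumptions constructed for illustration.

```python
import base64
import binascii
from collections import defaultdict


def decode_basic(header):
    """Return (username, password) from an Authorization header, or None."""
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        raw = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None  # malformed token: not valid Base64 or not UTF-8
    user, sep, password = raw.partition(":")  # only the first ':' separates
    return (user, password) if sep else None


def flag_guessing(requests, threshold=3):
    """Map source IP -> usernames targeted, for sources that sent at least
    `threshold` distinct credential pairs rejected with 401."""
    failed = defaultdict(set)
    for ip, header, status in requests:
        creds = decode_basic(header)
        if creds and status == 401:
            failed[ip].add(creds)
    return {ip: sorted({user for user, _ in pairs})
            for ip, pairs in failed.items() if len(pairs) >= threshold}


def make_header(user, password):
    # Helper used only to build the constructed sample below.
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()


# Constructed sample records: (source IP, Authorization header, status).
SAMPLE = [
    ("203.0.113.7", make_header("rupert", "password1"), 401),
    ("203.0.113.7", make_header("rupert", "letmein"), 401),
    ("203.0.113.7", make_header("rupert", "qwerty"), 401),
    ("203.0.113.7", make_header("rupert", "pass:word"), 401),
    ("198.51.100.4", make_header("alice", "typo"), 401),
    ("198.51.100.4", make_header("alice", "correct-horse"), 200),
    ("198.51.100.4", "Basic not-base64!!", 401),
]

if __name__ == "__main__":
    print(flag_guessing(SAMPLE))
```

A single mistyped password stays under the threshold, while the source cycling through passwords for one username is reported together with the account it targeted.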

