The writeup shared today concerns the dynamic password (OTP, One-Time Password) of a target system the author was testing for vulnerabilities: a simple brute-force enumeration was enough to bypass the system's two-factor authentication (2FA). The target system is the website of India's largest travel service company, which uses a dynamic OTP as its 2FA mechanism.
Generally speaking, an OTP is a 4-digit combination from 0000 to 9999, i.e. 10,000 possible values. On today's hardware, trying all 10,000 combinations takes only a few minutes. So if the OTP verification mechanism is implemented improperly, anyone can bypass it through simple brute-force enumeration.
Why can the 2FA be bypassed?
The target system does not rate-limit unsuccessful verification attempts.
The target system does not invalidate the OTP and issue a new one after unsuccessful verification attempts.
Prerequisites:
Web browser, BurpSuite.
Reproducing the 2FA bypass
1. Open BurpSuite and log in to the target website with your mobile phone number. Deliberately enter a wrong value instead of the OTP the system sent to your phone (here we simply enter 1234), and capture the traffic with BurpSuite;
In BurpSuite we can see the request to the OTP API – verifyOTP?otp=:
2. Right-click the OTP verification request and choose Send to Intruder:
3. Select the otp=1234 value as the payload position and set the attack to simple brute-force enumeration mode:
4. Select the Payloads tab, set the payload to all combinations, and then click Start attack:
5. The attack begins. Among the enumeration responses, one stands out with a response length of 2250. As expected, this is the correct OTP:
6. Logging in with this OTP succeeds!
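As an added example (not code from the original writeup or from the target site), the following Python verifier implements the two server-side controls the target lacked: a per-phone rate limit on verification requests, and invalidation of the pending OTP after a small number of wrong guesses, so that a 10,000-combination search no longer works. The OTP length, the limits and the phone number are assumed values.

```python
import hmac
import secrets
import time
from collections import defaultdict, deque
from dataclasses import dataclass

MAX_FAILURES = 5         # wrong guesses allowed before the pending OTP is discarded
OTP_TTL_SECONDS = 300    # lifetime of one OTP
VERIFY_WINDOW = 60       # rate-limit window (seconds) for verify calls, per phone
VERIFY_PER_WINDOW = 10   # verify calls allowed per phone per window
OTP_DIGITS = 6           # assumed length; the page's target used 4 digits

@dataclass
class OtpRecord:
    code: str
    expires_at: float
    failures: int = 0

class OtpVerifier:
    def __init__(self, now=time.time):   # clock is injectable for testing
        self._now = now
        self._pending = {}                   # phone -> OtpRecord
        self._attempts = defaultdict(deque)  # phone -> timestamps of verify calls

    def issue(self, phone):
        code = "".join(secrets.choice("0123456789") for _ in range(OTP_DIGITS))
        self._pending[phone] = OtpRecord(code, self._now() + OTP_TTL_SECONDS)
        return code  # delivered out of band (SMS); never returned to the web client

    def _rate_limited(self, phone):
        now, hits = self._now(), self._attempts[phone]
        while hits and hits[0] <= now - VERIFY_WINDOW:  # drop calls outside the window
            hits.popleft()
        hits.append(now)
        return len(hits) > VERIFY_PER_WINDOW

    def verify(self, phone, guess):
        if self._rate_limited(phone):               # control 1: throttle attempts
            return "rate_limited"
        rec = self._pending.get(phone)
        if rec is None:
            return "no_pending_otp"
        if self._now() > rec.expires_at:
            del self._pending[phone]
            return "expired"
        if hmac.compare_digest(rec.code, guess):    # constant-time comparison
            del self._pending[phone]                # single use
            return "ok"
        rec.failures += 1
        if rec.failures >= MAX_FAILURES:            # control 2: discard OTP, force re-issue
            del self._pending[phone]
            return "locked_reissue_required"
        return "wrong"
```

With these limits an attacker gets at most MAX_FAILURES guesses per issued OTP and VERIFY_PER_WINDOW requests per minute, instead of the unlimited attempts the writeup exploited.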
The above is the detailed content of "Experiment on a simple brute-force enumeration method to bypass the 2FA verification mechanism of the target system". For more information, please follow other related articles on the PHP Chinese website!