Bruteforcing MFA Code
After using the login and password (with the captcha code), I was met with the multi-factor authentication page. Slightly annoying, but I checked the page source for this as well to see what I could find.
I saw some relatively readable JavaScript code. There was a string that said "fred we need to put some brute force protection on here remind me in the morning, jason".
I'm going to assume they didn't get round to it, but there is only one way to find out. What I do know so far is that there are only 4 digits required, so I probably could brute force it going from "0000" up to "9999".
I can do this in bash by first
This was to test that it works and that we get the response needed, for example, not needing to provide additional information like the session ID.
I had some help here: the code I used did not work, but the code I found online was very similar and did work. I'll add them both here for reference and learning.
My Code:
Borrowed Code:
Explainer
The bash script starts with a for loop in which i iterates over the range 0000 to 9999.
Each iteration does a silent curl POST with the data, where the code is the current value of i.
The web page is the IP and console mfa provided, plus the cookies for the username and password.
A ; separates the commands, and an if statement checks whether the output was equal to 0, which means the guess has succeeded.
With that we can do echo "found it" and break to stop the search. fi finishes the if statement, then done completes the loop.
While looking at the ways other people went through this task, I found someone else used a tool called "patator" to cycle through the numbers 1000 - 9999.
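
The note in the page source asks for brute force protection on the MFA check. As an added example (not part of the original write-up or of the target application), this Python sketch shows one way to provide it: cap failed guesses per issued code, then lock the session and burn the code. The class name, the limits of 5 attempts and 300 seconds, the session id and the code "7321" are assumptions made for the example.

```python
import hmac
import secrets
import time

MAX_ATTEMPTS = 5       # assumed policy: failed guesses allowed per issued code
LOCKOUT_SECONDS = 300  # assumed policy: lockout once the cap is reached


class MfaVerifier:
    """Per-session 4-digit code check with an attempt cap and lockout."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._state = {}  # session_id -> code, fails, locked_until

    def issue(self, session_id):
        code = f"{secrets.randbelow(10_000):04d}"
        self._state[session_id] = {"code": code, "fails": 0, "locked_until": 0.0}
        return code  # sent to the user out of band

    def verify(self, session_id, submitted):
        entry = self._state.get(session_id)
        if entry is None:
            return "no_code"
        if self._clock() < entry["locked_until"]:
            return "locked"  # rejected without comparing: guesses learn nothing
        if hmac.compare_digest(entry["code"].encode(), str(submitted).encode()):
            del self._state[session_id]  # codes are single use
            return "ok"
        entry["fails"] += 1
        if entry["fails"] >= MAX_ATTEMPTS:
            # Burn the code so waiting out the lockout does not resume the sweep.
            entry["code"] = secrets.token_hex(16)
            entry["locked_until"] = self._clock() + LOCKOUT_SECONDS
        return "invalid"


def simulate_sweep():
    """Replay a 0000-9999 sweep against one session and tally the responses."""
    verifier = MfaVerifier(clock=lambda: 0.0)  # frozen clock for a repeatable run
    verifier.issue("sess-1")                   # constructed session id
    verifier._state["sess-1"]["code"] = "7321"  # constructed code, fixed for the demo
    tally = {}
    for i in range(10_000):
        result = verifier.verify("sess-1", f"{i:04d}")
        tally[result] = tally.get(result, 0) + 1
    return tally
```

With the cap in place, `simulate_sweep()` returns five `invalid` responses followed by `locked` for every remaining guess, so a full sweep no longer reaches the code.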