1.7 KiB
1.7 KiB
Login Bypass
Bypass regular login
If you find a login page, here you can find some techniques to try to bypass it:
- Check for comments inside the page
scroll down and to the right?
- Check if you can directly access the restricted pages
- Check to not send the parameters
do not send any or only 1
- Check the PHP comparisons error: user[]=a&pwd=b , user=a&pwd[]=b , user[]=a&pwd[]=b
- Check credentials:
- Default credentials ****of the technology/platform used
- Common combinations
root, admin, password, name of the tech, default user with one of these passwords
. - Create a dictionary using Cewl, add the default username and password
if there is
and try to brute-force it using all the words as usernames and password - Brute-force using a bigger dictionary (Brute force)
SQL Injection authentication bypass
Here you can find several tricks to bypass the login via SQL injections.
In the following page you can find a custom list to try to bypass login via SQL Injections:
{% page-ref page="sql-login-bypass.md" %}
No SQL Injection authentication bypass
Here you can find several tricks to bypass the login via No SQL Injections.****
As the NoSQL Injections requires to change the parameters value, you will need to test them manually.