Attacking Web Login Portals — How I hacked over 600 accounts
Hi everyone,
Today I want to look at the methodology when attacking web login portals. I see many posts about different vulnerabilities in programs, but very little amount of people talks about this topic. Of course, there is some sense behind this, because without valid credentials, there is very little functionality to be exploited. For the same reason, these portals are often not well protected.
Paywall blocking you? Here is a friend link: https://medium.com/@mares.viktor/attacking-web-login-portals-how-i-hacked-over-600-accounts-c5d2c7f31ae9?sk=2ce9edcea528f0f82ecdee3e6d47c13e
There are a few vulnerabilities/misconfigurations that will get you some good bug bounties or findings during an engagement, like:
- Default Credentials
- Username Enumeration
- Weak Lock Out mechanism
So, let’s deep dive into each one of them and see how this can earn you some money.
1. Default Credentials
Misconfigurations with default credentials can be seen everywhere & this is a vulnerability that is usually High or Critical, depending on the access that it gives you. The methodology behind this is very simple — first you need to find default credentials for the application that you are testing. Then find all the login portals, where you can use those credentials.