OWASP Mutillidae 2 : A2 broken Authentication bypass via Brute Force

Let's bypass the login page of Mutillidae and get admin access via brute force. If you have set up OWASP Mutillidae 2, make sure to check out .

Prerequisites:

  1. Burp Suite basics
  2. Networking basics
  3. Linux basics

If you know these, let's go and hack!

Step 1: Go to the login page.

Step 2: Open Burp and intercept the request.

Step 3: Right-click the request and send it to Intruder, then click on Positions in Intruder.

First, select Cluster bomb under "Choose an attack type".

In the payload positions, select the test value of the username and click Add §; do the same with the password test value.

Step 4: In Intruder, click on position.

In Payload set, select 1.

Add some common usernames. Make sure to add admin.

Now, in Payload set, select 2. Make sure to add adminpass.

Add some common passwords or a full wordlist.

Step 5: Click on Start attack.
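
Seen from the server side, a cluster bomb run tries every username in payload set 1 against every password in payload set 2, so one client produces a burst of failed logins spread over several accounts. The following is an added example (not part of the original post) that flags that pattern in an authentication log; the log format, IP addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log; the format (time, client IP, username, result) is assumed.
SAMPLE_LOG = """\
2024-10-28T10:00:00 198.51.100.4 alice FAIL
2024-10-28T10:00:01 203.0.113.7 root FAIL
2024-10-28T10:00:01 203.0.113.7 admin FAIL
2024-10-28T10:00:02 203.0.113.7 test FAIL
2024-10-28T10:00:02 203.0.113.7 root FAIL
2024-10-28T10:00:03 203.0.113.7 admin FAIL
2024-10-28T10:00:03 203.0.113.7 test FAIL
2024-10-28T10:00:04 203.0.113.7 root FAIL
2024-10-28T10:00:04 203.0.113.7 admin OK
2024-10-28T10:05:00 198.51.100.4 alice OK
"""

def parse(line):
    ts, ip, user, result = line.split()
    return datetime.fromisoformat(ts), ip, user, result == "OK"

def detect_bruteforce(lines, window=timedelta(seconds=60), max_failures=5, min_users=2):
    """Flag client IPs whose failed logins within `window` reach `max_failures`
    across at least `min_users` usernames (the every-user-times-every-password
    shape of a cluster bomb run). Records the first success from a flagged IP."""
    recent = defaultdict(deque)      # ip -> deque of (time, user) failures
    alerts = {}
    for line in lines:
        if not line.strip():
            continue
        ts, ip, user, ok = parse(line)
        q = recent[ip]
        while q and ts - q[0][0] > window:   # drop failures outside the window
            q.popleft()
        if ok:
            if ip in alerts and alerts[ip]["compromised"] is None:
                alerts[ip]["compromised"] = user   # account to reset and review
            continue
        q.append((ts, user))
        users = {u for _, u in q}
        if len(q) >= max_failures and len(users) >= min_users:
            a = alerts.setdefault(ip, {"failures": 0, "users": set(), "compromised": None})
            a["failures"] = max(a["failures"], len(q))
            a["users"] |= users
    return alerts

if __name__ == "__main__":
    for ip, a in detect_bruteforce(SAMPLE_LOG.splitlines()).items():
        print(ip, a)
```

The same per-client failure counter is what an account lockout or rate limit on the login form would key on; a single mistyped password, like the `alice` entry in the sample, stays below the threshold.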


This post was originally published on Medium. Imported 2024-10-28.

https://blogs.hacck3y.me/posts/owasp-mutillidae-2-broken-auth-bypass/
Author: hacck3y
Published at: 2024-10-28
License: CC BY-NC-SA 4.0