In this walkthrough, we will go through the Broken Authentication (Password Attacks) vulnerability section from bWAPP Labs. We will explore and exploit login forms with password attacks and learn how applications are affected by them. So, let’s get started with the hacking without any delay.
- Setting the security level to Low.
- The application has an authentication mechanism set up and asks for the user’s credentials to log in. Once submitted, a POST request is issued to ba_pwd_attacks_1.php for further processing.
- We receive the error below on submitting a wrong pair of credentials.
- Though the application has already given out the user’s credentials on the front page, we will still test the authentication mechanism by brute-forcing it. I made a list of usernames and passwords, shown below.
- Next, I used hydra to brute-force the password and got a hit with a valid pair: bee:bug. I then logged in to test the credentials.
sudo hydra -L usernames.txt -P passwords.txt localhost http-post-form "/ba_pwd_attacks_1.php/:login=^USER^&password=^PASS^&form=submit:H=Cookie:PHPSESSID=8c55u72aq9arn556cugortds43; security_level=0:F=Invalid credentials! Did you forgot your password?" -v
So, we finally completed all the security levels for the bWAPP Broken Authentication (Password Attacks) vulnerability. We looked into the various ways the application has been set up at each level and how we can bypass the security controls implemented. Next, we can mitigate password attacks on login forms by implementing a strong password policy. Along with that, a lockout mechanism should be established in order to prevent brute-force attacks at the login panel. On that note, I will take your leave and will meet you in the next one with another bWAPP vulnerability write-up; till then, “Keep Hacking”.
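On the defensive side, a password-guessing run like the hydra one above leaves an obvious trace in the web server's access log: a burst of POSTs to ba_pwd_attacks_1.php from one client. The following Python script is an added example (not part of the original write-up or of bWAPP) that flags such bursts with a sliding window; the log lines, the client IPs, and the threshold and window values are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample access-log lines (combined log format): one client hammers
# the bWAPP login endpoint while another client browses it normally.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Mar/2023:10:00:00 +0000] "POST /ba_pwd_attacks_1.php/ HTTP/1.1" 200 1523
10.0.0.5 - - [12/Mar/2023:10:00:01 +0000] "POST /ba_pwd_attacks_1.php/ HTTP/1.1" 200 1523
10.0.0.5 - - [12/Mar/2023:10:00:01 +0000] "POST /ba_pwd_attacks_1.php/ HTTP/1.1" 200 1523
10.0.0.5 - - [12/Mar/2023:10:00:02 +0000] "POST /ba_pwd_attacks_1.php/ HTTP/1.1" 200 1523
10.0.0.5 - - [12/Mar/2023:10:00:03 +0000] "POST /ba_pwd_attacks_1.php/ HTTP/1.1" 200 1523
10.0.0.5 - - [12/Mar/2023:10:00:04 +0000] "POST /ba_pwd_attacks_1.php/ HTTP/1.1" 200 1601
192.168.1.20 - - [12/Mar/2023:10:00:03 +0000] "GET /ba_pwd_attacks_1.php HTTP/1.1" 200 1490
192.168.1.20 - - [12/Mar/2023:10:00:09 +0000] "POST /ba_pwd_attacks_1.php HTTP/1.1" 200 1601
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*"')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
LOGIN_PATH = "/ba_pwd_attacks_1.php"   # bWAPP login handler named in the write-up
THRESHOLD = 5                           # more than this many login POSTs ...
WINDOW = 60                             # ... inside this many seconds gets flagged (assumed values)

def parse_line(line):
    """Return (ip, method, path, timestamp) for a combined-format line, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), TS_FMT)
    return m.group("ip"), m.group("method"), m.group("path"), ts

def find_bruteforce(lines, threshold=THRESHOLD, window=WINDOW):
    """Map client IP -> total login POSTs, for clients exceeding threshold within window."""
    attempts = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        # hydra in the write-up posts to the path with a trailing slash, so match on prefix.
        if rec and rec[1] == "POST" and rec[2].startswith(LOGIN_PATH):
            attempts[rec[0]].append(rec[3])
    flagged = {}
    for ip, times in attempts.items():
        times.sort()
        start = 0
        for end in range(len(times)):            # sliding window over sorted timestamps
            while (times[end] - times[start]).total_seconds() > window:
                start += 1
            if end - start + 1 > threshold:
                flagged[ip] = len(times)
                break
    return flagged
```

Running `find_bruteforce(SAMPLE_LOG.splitlines())` on the sample reports only 10.0.0.5; the same counter, kept per account instead of per client, is the basis of the lockout mechanism mentioned above.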