< Back





1. Username enumeration via different responses

We're asked to brute-force attack this website. The login page provides different responses based on
whether or not a valid or invalid username or password is provided. We first use a wordlist of
usernames against the /login page, checking for the string "Invalid password" in the HTML response.
Once we've discovered the username, we brute-force the username with a wordlist of passwords until
the "Invalid password" string is no longer present in the HTML response.


Solution