Two Factor Authentication(2FA) Bypass | 2FA Broken Logic

Подписаться 3,2 тыс.

Просмотров 7 тыс.

50% 1

During this video we look at the scenario where an attacker bypass a broken 2FA mechanism to login into the victim user account entirely based on the victim username and without knowing the password.
NOTE: This video is made ONLY for educational purposes and to help developers and security researchers to enhance their security knowledge. Therefore, allowing them remediate potential vulnerabilities in their OWN applications.
Web Security Academy | Lab: 2FA broken logic:
portswigger.net/web-security/...
Twitter: / tracethecode

Наука

Опубликовано:

24 апр 2022

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 24

@abhaychauhan7862 Год назад

You deserve a billion subs brother! I've never seen someone explain such easily.Thanks Brother. Much Love.

@TraceTheCode Год назад

So nice of you.

@romogomu6726 11 месяцев назад

Thank you, need teachers like you - the very way you explain ☺️

@nehamartand7499 Год назад

Easiest explanation of this lab! Thanks:) :)

@TraceTheCode Год назад

Welcome! Glad you think so!

@raulherbert Год назад

great explanation! thanks!

@TraceTheCode Год назад

You're welcome!

@ferasalfarsi897 2 года назад

Thank you for this video!

@TraceTheCode 2 года назад

You are so welcome!

@bilalsec Год назад

Thank you, this video it's very important !!!!!!

@TraceTheCode Год назад

You are welcome!

@purvashgangolli5968 Год назад

so good explanation..THanku brother....

@WilliamFred-lo2um Год назад

All my days I've seen anyone so good in hacking like Cyboxtools. The perfect one for all kinds of hack

@mike-nn1mq Год назад

i have burp community so it will take me hours to solve the lab. i tried with python to bryte force it but nothing happens... if someone solved it with community edition please tell me

@tahmidrad6647 Месяц назад

Do I need linux to do this or I can do it on windows?

@aliasforah Год назад

It's work in burp suite community edition??

@TraceTheCode Год назад

Yes, burp suite community edition can be used to slove this lab!

@kennymurphy7373 2 года назад

Hey Man how do I download the tool your using to 2fa bypass that the only problem I have Beside that the video are great man!....

@TraceTheCode 2 года назад

You can download Burp Suite from 'portswigger' website. Here is the link for the free version. portswigger.net/burp/communitydownload

@teisoviovenyo2062 2 года назад

I still dont understand exactly. Can you still may it easier video to follow. please?

@TraceTheCode 2 года назад

Hi, Which part is not clear? I suggest that you access the lab while watching the video. First review the Auth Process with your creds from lab description to get a good understating of the Auth process(Both steps) then proceed to exploit the issue. The "2FA Process Review" section in the video can be helpful as it gives an overview of the Auth Process.