question https bruteforce #56
Comments
|
no idea without knowing the specific web app you are targeting ... can you run that command again by adding a |
|
I did update to the latest release then re issued the command as suggested RUST_LOG=debug ./legba http --username prtgadmin --password prtgadmin --target https://172.16.4.100 --http-method POST --http-success-codes 200 --http-payload 'log={USERNAME}&pwd={PASSWORD}' [INFO ] target: https://172.16.4.100 [DEBUG] worker started the website is the PRTG monitor networking 
|
|
I see you interrupted with CTRL+C there, I need you to leave it running until something else such as a timeout or an error shows up. |
|
here Isi the complete output from a fresh git pull to latest release RUST_LOG=debug ./legba http --username prtgadmin --password prtgadmin --target http://172.16.4.100 --http-method POST --http-success-codes 200 --http-payload 'log={USERNAME}&pwd={PASSWORD}' [INFO ] target: http://172.16.4.100 [DEBUG] worker started pretty sure the webpage is http and both credentials are working |
Hi,
im trying to brute force the webapplication login form (https) with this command
./legba http
--username prtgadmin
--password prtgadmin
--target https://xx.xx.xx.xx
--http-method POST
--http-success-codes 200
--http-payload 'log={USERNAME}&pwd={PASSWORD}'
legba v0.9.0
[INFO ] target: https://xx.xx.xx.xx
[INFO ] username -> string 'prtgadmin'
[INFO ] password -> string 'prtgadmin'
[INFO ] runtime 1.001873666s
running on macOS apple silicon 15.0.1 sequoia
pretty sure the credentials are working, is that a good result or ?
thanks
The text was updated successfully, but these errors were encountered: