Any idea for how to intercept the good values on the login page to bruteforce an account?
Looks easy on Burp docs but I'm not getting the "username=" and "password=" values...
You are viewing a single comment's thread from:
Any idea for how to intercept the good values on the login page to bruteforce an account?
Looks easy on Burp docs but I'm not getting the "username=" and "password=" values...
One way is to sign a transaction and broadcast it using the broadcast API. I do not recommend that method because brute forcing would literally take 1,000 trillion years.
Is there a specific account you want to attack?
Yes my mum's account cuz she forgot the password but gave me a list of passwords to try bruteforcing it.
Not familiar with the way you proposed. I'll check that out tomorrow!
Basically I want username and password values to enter them in Burp and it does the job for me.
I see. Good luck with that. But there is (ideally) no API endpoint that accepts username/password. It’s all about cryptography, which means each client signs and broadcasts their data and never reveals their secret.
Tho a hacker that has access to your Bitcoin/etc... wallet.dat can brutforce your qt password if you have one...