Burp Suite User Forum

Create new post

2FA bypass using brute-force attack

Hyok | Last updated: Jul 04, 2023 09:35AM UTC

I'm not able to solve this lab using turbo intruder as I'm using burp suite community edition. I also try to check if this issue persist only with turbo intruder or normal intruder, but this issue also happens with normal intruder. I already configure the macro as described in the video as well as in the textual solution(below to the lab description). I also completely remove my burp suite and then install it again but still I get this issue.

Hyok | Last updated: Jul 04, 2023 09:37AM UTC

The issue I currently face is "invalid CSRF token" in the response with 400 status code

Ben, PortSwigger Agent | Last updated: Jul 04, 2023 09:59AM UTC

Hi Hyok, Can you provide us with specific details (some screenshots would be useful) of the steps that you are taking to try and solve this lab so that we can see exactly what you are doing at each stage? If it is easier to do this via email (where you can attach screenshots directly) then please feel free to send us an email at support@portswigger.net and we can take a look from there.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.