Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Issue with " Broken brute-force protection, multiple credentials per request" lab

Jasmin | Last updated: Jun 06, 2021 08:40AM UTC

Hello. Can anyone please tell me what is wrong with my JSON data in the request? I'm always getting 500 error. { "username":"carlos", "password":[ "password123", "123456" , "password", "12345678 ", "qwerty" , "123456789", "12345" , "1234" , "111111", "1234567", "dragon" , "123123" , "baseball", "abc123" , "football", "monkey" , "letmein", "shadow" , "master" , "666666" , "qwertyuiop", "123321" , "mustang", "1234567890", "michael" , "654321" , "superman", "1qaz2wsx" , "7777777" , "121212" , "000000" , "qazwsx" , "123qwe" , "killer" , "trustno1", "jordan" , "jennifer", "zxcvbnm" , "asdfgh" , "hunter" , "buster" , "soccer" , "harley" , "batman" , "andrew" , "tigger" , "sunshine", "iloveyou" , "2000" , "charlie", "robert" , "thomas" , "hockey" , "ranger" , "daniel" , "starwars", "klaster" , "112233" , "george" , "computer", "michelle" , "jessica" , "pepper" , "1111" , "zxcvbn", "555555" , "11111111", "131313" , "freedom", "777777" , "pass" , "maggie", "159753" , "aaaaaa" , "ginger" , "princess", "joshua" , "cheese" , "amanda" , "summer" , "love" , "ashley", "nicole" , "chelsea", "biteme" , "matthew", "access" , "yankees", "987654321", "dallas" , "austin" , "thunder", "taylor" , "matrix" , "mobilemail", "mom" , "monitor", "monitoring", "montana" , "moon" , "moscow", ] }

Uthman, PortSwigger Agent | Last updated: Jun 07, 2021 09:37AM UTC

Hi Kujasmin, Try removing the trailing comma in a few of your password payloads. Alternatively, you can paste it into a JSON validator and copy the output e.g. https://jsonformatter.curiousconcept.com

Viren | Last updated: Sep 13, 2021 06:13PM UTC