Burp Suite User Forum


Lab: Username enumeration via account lock

Ween | Last updated: Mar 23, 2021 09:53AM UTC

Hi everyone, I'm using Burp Suite Community Edition and can't solve this lab. I think it is because the CE is too slow and therefore doesn't trigger the response looked for. The site already has reset itself after each round of 100 tries. I think if each username would be tested with 5 null requests, before moving on to the next username, it might work. But it now just works down the list of usernames, before testing the 2nd, 3rd etc. Is there a way to work around this?

Uthman, PortSwigger Agent | Last updated: Mar 23, 2021 01:21PM UTC

Hi Ween,

Have you tried splitting out the supplied usernames into smaller lists (e.g. groups of 25) in order to avoid some of the throttling that will occur when using Burp Intruder?

Ween | Last updated: Mar 23, 2021 04:37PM UTC

Hi Uthman, No I didn't. But you're right, that would be a solution for now. Can do 5 x 20 or so. BTW, is there a way to have 5 x null on a username and then move on to the next username, etc.? I understand it would make the need to upgrade to Pro less urgent ( ;-) ) but I thought it to be a good solution to work with the Community Edition and get good results? Just an idea.... Thanks anyway for your quick reply. Love this academy! Learn a LOT!!

Uthman, PortSwigger Agent | Last updated: Mar 24, 2021 11:36AM UTC

Thank you for your feedback!

Can you provide more detail on the 5 x null you suggested on a username?

Brian | Last updated: Nov 19, 2022 06:09PM UTC

I can confirm reducing the payload to 50 (5 x 10 usernames per attack) allows you to get a different length for the correct username we're looking for.
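The length difference Brian describes comes from the lock message only being reachable for a registered account. The following toy login handler, an added example that is not part of this thread or of PortSwigger's lab code, models that defect beside a hardened variant; the user store, messages and threshold are constructed for illustration.

```python
LOCK_THRESHOLD = 3   # constructed: lock an account after 3 consecutive failures
GENERIC = "Invalid username or password."
LOCKED = "You have made too many incorrect login attempts. Please try again in 1 minute(s)."

# Constructed sample store: one registered user, plus per-name failure counters.
USERS = {"carlos": {"password": "correct-horse", "failures": 0}}
ATTEMPTS: dict = {}   # counters used by hardened_login, keyed by submitted name

def leaky_login(user: str, password: str) -> str:
    """Vulnerable: only a registered name can reach the lock branch, so the
    distinct LOCKED message (a different length) reveals that the name exists."""
    acct = USERS.get(user)
    if acct is None:
        return GENERIC
    if acct["failures"] >= LOCK_THRESHOLD:
        return LOCKED
    if password != acct["password"]:
        acct["failures"] += 1
        return GENERIC
    acct["failures"] = 0
    return "Welcome back."

def hardened_login(user: str, password: str) -> str:
    """Hardened: count failures for every submitted name, enforce the lock
    silently, and answer every failure with the same byte-identical message."""
    if ATTEMPTS.get(user, 0) >= LOCK_THRESHOLD:
        return GENERIC
    acct = USERS.get(user)
    if acct is not None and password == acct["password"]:
        ATTEMPTS[user] = 0
        return "Welcome back."
    ATTEMPTS[user] = ATTEMPTS.get(user, 0) + 1
    return GENERIC

def reset_state() -> None:
    for acct in USERS.values():
        acct["failures"] = 0
    ATTEMPTS.clear()

def response_lengths(login, names, attempts=5):
    """Submit `attempts` empty passwords per name (the 5 x null idea from the
    thread) and record the distinct response lengths each name produced."""
    reset_state()
    return {n: {len(login(n, "")) for _ in range(attempts)} for n in names}

if __name__ == "__main__":
    for fn in (leaky_login, hardened_login):
        print(fn.__name__, response_lengths(fn, ["carlos", "wiener"]))
```

With the leaky handler, "carlos" yields two response lengths across five attempts while an unregistered name yields one; the hardened handler returns a single identical length for both. The hardened version still has a response-time difference for unknown names, which a real implementation would also need to equalise.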
