Burp Suite User Forum

Login to post

Query regarding the Exam

Dheeraj | Last updated: Aug 11, 2022 07:35PM UTC

Hello, I was wondering, for the first step in the exam we are supposed to get the details of a user right. Will it always be the user "carlos" or can it be anyone?

Michelle, PortSwigger Agent | Last updated: Aug 12, 2022 08:34AM UTC

You can find details about the exam and some hints and guidance here: https://portswigger.net/web-security/certification/how-it-works#what-the-exam-involves https://portswigger.net/web-security/certification/exam-hints-and-guidance There is always an administrator account with the username "administrator", plus a lower-privileged account usually called "carlos". If you find a username enumeration vulnerability, you may be able to break into a low-privileged account using the following username list and password list.

You need to Log in to post a reply. Or register here, for free.