Using Burp Suite to bypass 2FA: Practical guide

Thexssrat
4 min read · Mar 24, 2021

Introduction

Burp has various tools to help make our testing better and faster. In the following scenario we will be using a couple of tools in conjunction with one another to maximize our potential for finding bugs fast.

2FA broken logic

This time it appears we are testing on a blog. Here’s what we know:

  • Your credentials: wiener:peter
  • Victim’s username: carlos

You also have access to the email server to receive your 2FA verification code. (See the email client button)

Let’s start by clicking around as we usually do and exploring the application. We should log in, and as we try this, we notice we need to enter our 2FA code. Let’s investigate this flow further.

It seems the most interesting call of this process is a POST to /login2.php, where we enter our mfa-code, which seems to be our multi-factor authentication code. Also notice there is a cookie ‘verify’ that determines whose MFA code is being checked.
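A server-side sketch of why that cookie matters, with the flawed check beside a corrected one. This is an added example, not code from the original post or from the application being tested: the function names, the `session` cookie and the in-memory stores are assumptions, and only the `verify` cookie and the `mfa-code` field come from the text above.

```python
import hmac
import secrets

# Constructed in-memory state for this sketch (hypothetical stores).
MFA_CODES = {}  # username -> code currently issued for that account
PENDING = {}    # session id -> username that passed the password step


def start_login(username):
    """Password step succeeded: open a pending session and issue a code."""
    sid = secrets.token_urlsafe(16)
    PENDING[sid] = username
    MFA_CODES[username] = f"{secrets.randbelow(10**6):06d}"
    return sid


def _code_matches(username, submitted):
    """Constant-time comparison against the code issued for `username`."""
    expected = MFA_CODES.get(username)
    if expected is None:
        return False
    return hmac.compare_digest(expected.encode(), submitted.encode())


def verify_trusting_cookie(cookies, form):
    """Flawed: the account being verified is whatever the client-supplied
    'verify' cookie names, so it is not tied to who passed step one."""
    user = cookies.get("verify", "")
    return user if _code_matches(user, form.get("mfa-code", "")) else None


def verify_bound_to_session(cookies, form):
    """Corrected: the account comes from server-side state keyed by the
    session id; the 'verify' cookie is ignored entirely."""
    sid = cookies.get("session", "")
    user = PENDING.get(sid)
    if user is None or not _code_matches(user, form.get("mfa-code", "")):
        return None
    PENDING.pop(sid)      # pending session is single use
    MFA_CODES.pop(user)   # so is the code
    return user
```

The design point is that the second factor must be checked against the identity established in the first step, held on the server, rather than against any value the browser sends back.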
