Introduction
Burp has various tools to help make our testing better and faster. In the following scenario we will be using a couple of tools in conjunction with one another to maximize our potential for finding bugs fast.
2FA broken logic
This time it appears we are testing on a blog. Here’s what we know:
- Your credentials: wiener:peter
- Victim’s username: carlos
You also have access to an email client to receive your 2FA verification code (see the email client button).
Let’s start by clicking around as we usually do and exploring the application. We should log in, and as we do so we notice that we need to enter a 2FA code. Let’s investigate this flow further.
The most interesting request in this process is a POST to /login2.php, where we submit the mfa-code parameter, which appears to be our multi-factor authentication code. Also notice the cookie ‘verify’, which appears to determine whose MFA code is being checked.