Investigation about Slow things down

Slow things down

jules70
4 months ago

0

Hello, I have used wireshark but no success. Also i have used a password which don’t work and a miracle appear : Invalid CSRF token is displayed.in red on the page What that mean?

Do i have to use burpsuit for this one. ?

thank you for any informations

bye

9replies
4voices
193views
🐉 [Cheerfulbull]
4 months ago

0

Invalid CSRF means you waited too long before entering the password. it’s not relevant to the challenge. Neither wireshark nor burpsuite will help you, you just need your eyes and a keyboard.

jules70
4 months ago

0

Hello everybody, for this one, do i use curl? Also I use firefox: about:config
I type ‘time’ and I see so more options. I am confused. It is too difficult for me.
I have also used the new private windows with firefox but that not work.

the answer is in the source code ?
How to config fire fox to ‘freeze’ the time before enter the password

Thank you very much

🐉 [Cheerfulbull]
4 months ago

0

No the answer is not in the source, you don’t need curl, config or any of that, you just need to be able to enter different passwords into the website.

Reply has been removed
jules70
4 months ago

0

Hello, all the people, for this one I have saved the ‘Slow things down Defend the Web.htm’ on my pc in my hard disk, I have modified the source code with

   <button type="submit" class="button button--main right">Log in</button>  
        <button type="submit" class="button button--main right">Log in</button>  

It’s true so now I have 2 buttons ‘Log in’ and I press them following sverial times, but nothing appears, please help me
After I add to the file :


Am I in the right way : to modify the source code, and so resolve the challenge ?

Thank you very much

jules70
4 months ago

0

perhaps wiyh After I add to the file two time:


perhaps there is a problem with token

Thank you very much

Reply has been removed
jules70
4 months ago

0

I add 2 times the input password un the source code and i click on all the buttons but no resolve


<input type=“password” name=“password” id=“password” value=“aaaaaaaaaaa” ma

🐉 [Cheerfulbull]
4 months ago

0

Hello,
You have been totally on the wrong track so far. However, if you were on the right track you would already have spoiled it for everyone, so let’s continue this conversation in PM’s

neoxquick
3 months ago

0

how many second you have to be sloow.. i have like 29 sec late, but i still get anything..

Bye N

🐉 [Cheerfulbull]
3 months ago

1

It’s not about being slow, it’s about why the page is being slow, when you solve the challenge, the page will be loading 10 seconds late, but you will also have a password that you know is right,

Reply has been removed
You must be logged in to reply to this discussion. Login
1 of 10

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss