Investigation about Slow things down

Slow things down

jules70
3 weeks ago

0

Hello, I have used wireshark but no success. Also i have used a password which don’t work and a miracle appear : Invalid CSRF token is displayed.in red on the page What that mean?

Do i have to use burpsuit for this one. ?

thank you for any informations

bye

7replies
2voices
92views
🐉 [Cheerfulbull]
3 weeks ago

0

Invalid CSRF means you waited too long before entering the password. it’s not relevant to the challenge. Neither wireshark nor burpsuite will help you, you just need your eyes and a keyboard.

jules70
3 weeks ago

0

Hello everybody, for this one, do i use curl? Also I use firefox: about:config
I type ‘time’ and I see so more options. I am confused. It is too difficult for me.
I have also used the new private windows with firefox but that not work.

the answer is in the source code ?
How to config fire fox to ‘freeze’ the time before enter the password

Thank you very much

🐉 [Cheerfulbull]
3 weeks ago

0

No the answer is not in the source, you don’t need curl, config or any of that, you just need to be able to enter different passwords into the website.

Reply has been removed
jules70
2 weeks ago

0

Hello, all the people, for this one I have saved the ‘Slow things down Defend the Web.htm’ on my pc in my hard disk, I have modified the source code with

   <button type="submit" class="button button--main right">Log in</button>  
        <button type="submit" class="button button--main right">Log in</button>  

It’s true so now I have 2 buttons ‘Log in’ and I press them following sverial times, but nothing appears, please help me
After I add to the file :


Am I in the right way : to modify the source code, and so resolve the challenge ?

Thank you very much

jules70
2 weeks ago

0

perhaps wiyh After I add to the file two time:


perhaps there is a problem with token

Thank you very much

Reply has been removed
jules70
2 weeks ago

0

I add 2 times the input password un the source code and i click on all the buttons but no resolve


<input type=“password” name=“password” id=“password” value=“aaaaaaaaaaa” ma

🐉 [Cheerfulbull]
2 weeks ago

0

Hello,
You have been totally on the wrong track so far. However, if you were on the right track you would already have spoiled it for everyone, so let’s continue this conversation in PM’s

You must be logged in to reply to this discussion. Login
1 of 8

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss