diff --git a/pentesting/pentesting-web/README.md b/pentesting/pentesting-web/README.md index 7e2d65d54..7a14347e8 100644 --- a/pentesting/pentesting-web/README.md +++ b/pentesting/pentesting-web/README.md @@ -332,27 +332,6 @@ TODO: Complete the list of vulnerabilities and techniques with [https://six2dez. ## User input related vulnerabilities special mention -### **Bypass regular login \(POST or GET method\)** - -If you find a login page, here you can find some techniques to try to bypass it: - -* Check for **comments** inside the page \(scroll down and to the right?\) -* Check if you can **directly access the restricted pages** -* Check to **not send the parameters** \(do not send any or only 1\) -* Test manually [very common passwords](./#2-2-5-list-of-common-password-to-test-manually). -* Check for **default credentials** -* Check for **common combinations** \(root, admin, password, name of the tech, default user with one of these passwords\) -* Check the **PHP comparisons error:** _user\[\]=a&pwd=b_ , _user=a&pwd\[\]=b_ , _user\[\]=a&pwd\[\]=b_ -* Create a dictionary using **Cewl**, **add** the **default** username and password \(if there is\) and try to brute-force it using all the words as **usernames and password** -* Try to **brute-force** using a bigger **dictionary \(**[**Brute force**](../../brute-force.md#http-post-form)**\)** - -You should also check for: - -* [**SQL Injection authentication bypass**](../../pentesting-web/sql-injection/#authentication-bypass) -* [**NoSQL Injection**](../../pentesting-web/nosql-injection.md) -* [**XPath Injection**](../../pentesting-web/xpath-injection.md) -* [**LDAP Injection**](../../pentesting-web/ldap-injection.md) - ### Insert into/Create Object Check for [SQL INSERT INTO Injections](../../pentesting-web/sql-injection/#insert-statement)