Broken Authentication Update help with 2FA

Hello.

Y’all updated the Broken Authentication section literally as I was trying to submit my flag, was confusing for a minute, lol.

Anyway, I’m stuck in the skills assessment.

I found the username and password, but when I get to the 2FA part, I’m doing what it shows in the brute forcing 2FA section. I’ve tried a few alternatives, like a 5 digit code, but no dice.

I can’t find if the web app gives the structure of the 2FA code anywhere.

Any help is appreciated. No answers, just a push in the right direction.

Thanks.

Got it.

That was fun.

Can you help me? I also cant bruteforce 2fa

Hello
Can you please help. I am also stuck there. My OTP is changing and it doesn’t matter which one I used, it fails

1 Like

Hello. Please how did you manage to get it. It is 3 days i am on it. all the OTP i got don’t just work. i used 4 digits, 5 and 6. None seems to work.

1 Like

You don’t need to bruteforce the OTP. I was actually unable to do so. Focus on the response and/or look at profile.php after username/password login. It’s much easier than having to bruteforce the OTP, you’re already there.

Thanks. I have solved it already

1 Like

@JDewein @h4ck3r28 @ndefstathiou
Can you give me the recommendation?
I found the username and password after brute-forcing username and password and can not bruteforce 2FA function. I created account and only show "You do not have admin privileges. The site is still under construction and only available to admins at this time. "
Can you give me some ideas for what to do next?
Thank you!

After création account verifi the url and try to fix it for the brute forced credentials

Mr @h4ck3r28 ,

Can you detail it, thank you!

Capture the login request with the correct credentials and fix the dashboard page. Try first to register an account to see how the dashboard looks like.

Hello! I’ve got the flag, but I have a question for you all:

How do you find the username and password?

Once I got the username and password, it was trivial for me (maybe with some luck) to bypass the OTP. However, I was stuck for many hours until I found the correct username and password using brute force. Maybe I’m missing something, but the only method I found was using Hydra with the enumerated usernames (there were a lot of existing users in my case) combined with a list of passwords that met the restrictions.