base64 encoded Web bruteforcing

  1. send the request to the intruder

  2. select the ended part with add

  3. go to payload pick custom iterator for payload 1, set a username "admin"

  4. pick position 2 and paste rockyou.txt content

  5. for payload processing, add > Base64-encode

start the attack

make sure the port is correct~!

Last updated