1. First go to the terminal and activate mysql and apache2
2. Then open web bar enter http: / localhost / dvwa then enter
3. Once open then change the security system from high to low in order to facilitate the exercise
4. The next step open brute force, then activate the proxy on a web dvwa
6. after the open entrance to the web do login command then turn off the proxy
7. the existing tool burpsuit proxy, the proxy then the intercept intercept there is no choice of action will emerge command then click send to intruder
8. the tool introder contained the following options:
a. the contents of the target host
b. edit position command on password
c. payload password that will be filled in trying to attackinclude estimates of the passwords that have possibilities.
11. Start by selecting the start intruder attack.
12. It would be in getting the possibility of the correct password.
Tidak ada komentar:
Posting Komentar