2.open a web browser and enter the address localhost / dvwa /
3. mysql enabled applications through terminal
4.login dvwa
5.setting the browser to use a proxy dvwa
6.open the application burpsuite
7.the application proxy burpsuite tab enabled intercept
8.login tests and will record the activity in intercep and right click to send it to the intruder tab on port filled with port 8080
9.moved into position and then click the tab in order to clear $ customizable search
10.still on the tab position, in the add $$ to the search we want
11.shifted to the payload tab and enter the words that we think of as a password or username into the column payload option
12.will display a confirmation whether the order was continued
13.after clicking start eating intruder attack on the toolbar will display the results
Tidak ada komentar:
Posting Komentar