
Reset Jim's Password

Difficulty: 🌟🌟🌟

Description: Reset Jim's password via the Forgot Password mechanism with the original answer to his security question.

Category: Broken Authentication

Tags: OSINT

Solution:

Go to Forgot Password, use jim@juice-sh.op as the email, and optionally enter the answer. This returns the error "Wrong answer to security question."

Open Burp Suite → Proxy → HTTP History, find POST /rest/user/reset-password, and send it to Repeater.

Send it to Intruder, click Clear §, and add § around the value of answer.

Go to Payloads, search Google for a list of common names, and load that list into Payload Options.

Go to Options → Grep - Extract and add "Wrong answer to security question."

Click Start attack, wait for the attack to finish, and find the response with status 200.

His middle name is Samuel. Use it to reset the password, and the challenge is solved.
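The walkthrough works because the reset endpoint accepts unlimited answer guesses for one account. The sketch below shows the missing control, a per-account limit on wrong security answers; it is an added example, not Juice Shop code, and the class name, thresholds and the 401/429 status codes are assumptions.

```javascript
// Added example, not Juice Shop code. Thresholds and status codes are assumptions.
const MAX_FAILURES = 5;            // wrong answers tolerated per account per window
const WINDOW_MS = 15 * 60 * 1000;  // sliding window length

class ResetThrottle {
  constructor(maxFailures = MAX_FAILURES, windowMs = WINDOW_MS) {
    this.maxFailures = maxFailures;
    this.windowMs = windowMs;
    this.failures = new Map(); // normalized email -> timestamps of wrong answers
  }

  static key(email) {
    return String(email).trim().toLowerCase();
  }

  // Drop timestamps that have aged out of the window and return the rest.
  recent(email, now) {
    const k = ResetThrottle.key(email);
    const kept = (this.failures.get(k) || []).filter((t) => now - t < this.windowMs);
    if (kept.length) this.failures.set(k, kept);
    else this.failures.delete(k);
    return kept;
  }

  // checkAnswer is only invoked while the account is not locked, so a correct
  // guess that arrives after the limit is still rejected.
  attempt(email, checkAnswer, now = Date.now()) {
    const kept = this.recent(email, now);
    if (kept.length >= this.maxFailures) return { status: 429, locked: true };
    if (checkAnswer()) {
      this.failures.delete(ResetThrottle.key(email));
      return { status: 200, locked: false };
    }
    this.failures.set(ResetThrottle.key(email), [...kept, now]);
    return { status: 401, locked: false };
  }
}

// Constructed traffic: one request per second against a single account.
function simulate(throttle, email, answers, correct, startMs = 0) {
  return answers.map((a, i) =>
    throttle.attempt(email, () => a === correct, startMs + i * 1000).status);
}
```

Keying on the target account rather than the source address means the limit holds even when requests come from many clients, at the cost of letting third parties temporarily block resets for that account.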