Broken Authentication: Username Enumeration

How does it work?

When a web application has a weak password policy and an improperly configured login, an attacker can intercept its login requests with Burp Suite (a proxy interception tool), replay them with different usernames, and enumerate the valid user accounts on the application.

Wsdler:

https://portswigger.net/bappstore/594a49bb233748f2bc80a9eb18a2e08f

Document:

https://1drv.ms/w/s!Ao7F-KRHEeYLhVHaBTJd2I79c6z3

Mitigations

Stopping these attacks from happening is actually more complicated than you think.

Here is a list of things to keep in mind for strong authentication mechanisms.

  • Do not reveal information about the account in login responses, such as whether the username or the password was the part that failed.
  • Externalize the passwords: store them as salted hashes (or, at minimum, in an encrypted file).
  • Enforce a strong password policy (account lockout, password aging, salted hashes, strong passwords).
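The first mitigation in practice, as an added example that is not part of the original post: a login check that tells the client which field was wrong (the enumeration oracle), beside a hardened version that returns one uniform message and does the same hashing work whether or not the username exists, so neither the text nor the response time distinguishes the two cases. The user store, the PBKDF2 parameters and the message strings are assumptions made for this example.

```python
# Added example (not from the original post): a leaky login check next to a
# hardened one that cannot be used to tell valid usernames from invalid ones.
import hashlib
import hmac
import os


def _hash(password: str, salt: bytes) -> bytes:
    # PBKDF2-SHA256 with a per-user salt; iteration count is an assumption.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed user store: username -> (salt, salted hash). Only "alice" exists.
_ALICE_SALT = os.urandom(16)
USERS = {"alice": (_ALICE_SALT, _hash("correct horse", _ALICE_SALT))}

# Dummy credential hashed for unknown usernames so the work factor (and thus
# the response time) is the same as for a real account.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash("placeholder-not-a-real-password", _DUMMY_SALT)


def login_leaky(username: str, password: str) -> str:
    """Vulnerable: the message reveals whether the username exists."""
    if username not in USERS:
        return "Unknown user"
    salt, stored = USERS[username]
    if _hash(password, salt) != stored:
        return "Wrong password"
    return "OK"


def login_uniform(username: str, password: str) -> str:
    """Hardened: one message and one hashing cost for every failure."""
    salt, stored = USERS.get(username, (_DUMMY_SALT, _DUMMY_HASH))
    # Constant-time comparison avoids leaking how many hash bytes matched.
    matches = hmac.compare_digest(_hash(password, salt), stored)
    if username in USERS and matches:
        return "OK"
    return "Invalid username or password"


def leaks_username(login) -> bool:
    """True if an unknown user and a wrong password get different responses."""
    return login("mallory", "x") != login("alice", "x")
```

Pair the uniform message with lockout or rate limiting from the policy bullet above, since a single response string still lets an attacker test credentials one at a time.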


Demonstration Of The Attack

If you have any questions please comment below.