Violent blasting of weak passwords
F12 found after entering the wrong password one time
Weak command dictionary blasting
agent opens burp
Find the different length,
check the response and
get the flag
Notes
1. Use dictionary blasting for weak passwords without verification.
2. There are important tips for html comments
3. Weak password dictionary
4. Blasting variables need to be added by themselves, you can just blast the password, click Add to add the $$ variable placeholder.