1 forms-based blasting
Choose a password blasting
Blasting the selection list and enter the possible passwords.
After blasting see the results, it can be seen 123456 for the password.
The server 2 to bypass the codes
Because the server-side validation code exists survival time, all of the first to enter the correct code, then blasting.
Client codes bypass 3
Check codes found in the front end, so first enter the correct PIN before blasting
4 token
Discovery packet has submitted token value, if not not correspond to pairs.
Discover the source code has a value of token
Then select the variable assignment
final result: