O'Reilly logo

Security with Go by John Daniel Leon

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Brute forcing the HTML login form

Just about every website with a user system provides a login form on a web page. We can write a program that will submit the login form repeatedly. This example assumes that there is no CAPTCHA, rate limit, or other deterring mechanisms on the web application. Remember not to perform this attack against any production site or any site you do not own or have permission. If you want to test it, I recommend that you set up a local web server and test only locally.

Every web form can be created with different names for the username and password fields, so the names of those fields will need to be provided on each run and must be specific to the URL being targeted.

View the source or inspect the target form to ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required