Is it possible to test 40 000 webpages easily to see valid one? – DigitalMunition




Is it possible to test 40 000 webpages easily to see valid one?

Home Forums Is it possible to test 40 000 webpages easily to see valid one?

This topic contains 0 replies, has 1 voice, and was last updated by  BrianMiz 3 weeks, 1 day ago.

  • Author
    Posts
  • #150089

    BrianMiz
    Member

    I work at one of the largest companies in the world. You have most likely heard of it. We have alarmingly bad IT-people. This is just one example but for a non-critical system, I noticed that you can log in as someone else if you just have the correct URL. There are 3 characters that change randomly, leading to around 40 000 different combinations with numbers and letters. As an admin user, I already have the ability to log in as anyone and can see that this is how the system works. I want to potentially bring this up to my boss as an issue but then it would be best if I had a method to brute force a mass of websites for the correct one to show. This is also driven a bit by personal interest in what is actually possible today.

You must be logged in to reply to this topic.