RE: Question for the developers about "username" in a line of code

You are viewing a single comment's thread from:

RE: Question for the developers about "username" in a line of code

View the full context

inertia (74)in #devs • 5 years ago

@centerlink is correct, this method accepts an array of account names. I also just wanted to direct you to the correct (and soon to be updated for hive) documentation:

https://developers.hive.io/apidefinitions/#condenser_api.get_accounts

5 years ago in #devs by inertia (74)

$0.00

1 vote

Sort:

Trending

[-]

alexoz (60) 5 years ago

Any idea for how to intercept the good values on the login page to bruteforce an account?

Looks easy on Burp docs but I'm not getting the "username=" and "password=" values...

$0.00

[-]

inertia (74) 5 years ago

One way is to sign a transaction and broadcast it using the broadcast API. I do not recommend that method because brute forcing would literally take 1,000 trillion years.

Is there a specific account you want to attack?

$0.00

1 vote

[-]

alexoz (60) 5 years ago

Yes my mum's account cuz she forgot the password but gave me a list of passwords to try bruteforcing it.

Not familiar with the way you proposed. I'll check that out tomorrow!

Basically I want username and password values to enter them in Burp and it does the job for me.

$0.00

[-]

inertia (74) 5 years ago

I see. Good luck with that. But there is (ideally) no API endpoint that accepts username/password. It’s all about cryptography, which means each client signs and broadcasts their data and never reveals their secret.

$0.00

1 vote

[-]

alexoz (60) 5 years ago

Tho a hacker that has access to your Bitcoin/etc... wallet.dat can brutforce your qt password if you have one...

$0.00