Forum Discussion

jban_198207's avatar
Nov 17, 2015

Brute force detection with custom HTML form

I have Web server that requires authentication with Username and password, but it’s not classic let say IIS Form.

 

Basically, in Fiddler I don’t see WebForms in /Login/ UR, after I enter username and password site is redirected /somedir/Login with POST command where you have something like param1=username&param2=password, … and then it comes back to /Login/

 

F5 with AutoBuilder don’t see /somedir/Login that I have in Fidler?

 

How can I create Brute Force detection for this situation.

 

2 Replies

  • What does a failed /Login/ response look like? I would focus on their distinction from a good /Login/ response. Do you have a Fiddler Trace?

     

  • Solved, Thank you. I review difference between good and bad and find some difference in JavaScript code that gives me good String. : )