PdfPrep.com

Which of the following should Ann perform to test whether the website is susceptible to a simple authentication bypass?

Ann is testing the robustness of a marketing website through an intercepting proxy. She has intercepted the following HTTP request:

POST /login.aspx HTTP/1.1

Host: comptia.org

Content-type: text/html

txtUsername=ann&txtPassword=ann&alreadyLoggedIn=false&submit=true

Which of the following should Ann perform to test whether the website is susceptible to a simple authentication bypass?
A . Remove all of the post data and change the request to /login.aspx from POST to GET
B . Attempt to brute force all usernames and passwords using a password cracker
C . Remove the txtPassword post data and change alreadyLoggedIn from false to true
D . Remove the txtUsername and txtPassword post data and toggle submit from true to false

Answer: C

Exit mobile version