
I want the intruder to flag the attack response only when a specific string DOESN'T MATCH

The string is: Invalid credentials

Tried using RegExp inverse match: https://stackoverflow.com/a/164419/10362396


It is not working


Please note, the current selected response is when the username and password are correct.

tbhaxor
  • As per your linked answer *Note that lookaheads and lookbehinds are generally not the right way to "inverse" a regular expression match. Regexps aren't really set up for doing negative matching, they leave that to whatever language you are using them with.* – Lieven Keersmaekers Jun 09 '21 at 07:29
  • That said, you might make it work but you'll need to use some anchoring on where the string is not expected to be found. Can you post a screenshot of a response containing the "Invalid credentials"? – Lieven Keersmaekers Jun 09 '21 at 07:31
  • @LievenKeersmaekers I am using Burpsuite for the bWAPP application. Here is the response string I want to match. https://github.com/raesene/bWAPP/blob/master/app/login.php#L123 – tbhaxor Jun 10 '21 at 05:50
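
The anchoring point raised in the comments above, as an added example that is not part of the original thread: it runs three "inverse" patterns over two constructed HTTP responses to show which ones actually distinguish them. It assumes the tool applies the pattern with find-anywhere search semantics; Python's `re` treats these lookaheads, `\A` and `(?s)` the same way Java's regex engine does.

```python
import re

NEEDLE = "Invalid credentials"

# Constructed sample responses (not captured from bWAPP).
FAILED = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n\r\n"
    "<html><body>\n<font color=\"red\">Invalid credentials!</font>\n</body></html>"
)
SUCCESS = (
    "HTTP/1.1 302 Found\r\n"
    "Location: /home\r\n\r\n"
)

PATTERNS = {
    # Succeeds at any offset where the needle does not start, so it
    # matches every response, including the one containing the needle.
    "unanchored": r"(?!Invalid credentials)",
    # Anchored, but "." stops at the first line break, so only the
    # status line is inspected and the body is never seen.
    "anchored_no_dotall": r"^(?!.*Invalid credentials)",
    # Anchored at the start of input with DOTALL, so ".*" spans the
    # whole response and the match fails whenever the needle is present.
    "anchored_dotall": r"(?s)\A(?!.*Invalid credentials)",
}


def flags(pattern, response):
    """True when a find-anywhere regex search reports a match."""
    return re.search(pattern, response) is not None


def evaluate():
    """Map pattern name -> (matches FAILED, matches SUCCESS)."""
    return {n: (flags(p, FAILED), flags(p, SUCCESS)) for n, p in PATTERNS.items()}


def absent(response, needle=NEEDLE):
    """Plain substring test: negation done in the host language, not the regex."""
    return needle not in response


if __name__ == "__main__":
    for name, (on_failed, on_success) in evaluate().items():
        print(f"{name:20} failed={on_failed!s:5} success={on_success}")
```

Only the anchored DOTALL pattern separates the two responses; `absent()` gives the same answer without a lookahead, which is the approach the quoted note in the first comment recommends.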

0 Answers