marcwickenden/generate-intruder-passwords.sh

## generate-intruder-passwords.sh
#!/bin/bash

# Usage: ./generate-intruder-passwords ThisisthecorrectPassword123 20
#
# The first argument is the correct password for the app.
# The second argument is the maximum number of password attempts to make.
# 20 is the default, if it hasn't locked you by then I'd say that's a finding.
#
# The script will simply increment up to $LIMIT outputting n incorrect passwords and then the correct one.
# We enter the correct one to potentially reset the incorrect count.

CORRECT_PASSWORD=${1:-Password1}
LIMIT=${2:-20}

for i in $(seq $LIMIT); do
  seq $i | xargs -Iz echo IncorrectPassword
  echo $CORRECT_PASSWORD
done
	#!/bin/bash

	# Usage: ./generate-intruder-passwords ThisisthecorrectPassword123 20
	#
	# The first argument is the correct password for the app.
	# The second argument is the maximum number of password attempts to make.
	# 20 is the default, if it hasn't locked you by then I'd say that's a finding.
	#
	# The script will simply increment up to $LIMIT outputting n incorrect passwords and then the correct one.
	# We enter the correct one to potentially reset the incorrect count.

	CORRECT_PASSWORD=${1:-Password1}
	LIMIT=${2:-20}

	for i in $(seq $LIMIT); do
	seq $i \| xargs -Iz echo IncorrectPassword
	echo $CORRECT_PASSWORD
	done