I. Use proxy to capture packets, as shown in the following figure:

2. Right click and send it to Intruder as shown below:

3. Select the following TAB:

1. The default is Sniper mode, that is, if there are multiple variables, crack each variable in turn and replace only one variable at a time. That is to say, if there are username and password variables, it will burst and break username first, and the password field will not change. Then the username is unchanged, and then the password field is exploded

2.Battering RAM mode: If multiple variables are decrypted simultaneously, for example, username and password are decrypted using the dictionary, then the two variables will be replaced with a value in the dictionary each time

3. The pitchfork mode: Each variable corresponds to a dictionary, for example, username and password. Replace the corresponding variable with one data in the corresponding dictionary. If the two dictionaries have different numbers of entries, the number of entries in the two dictionaries is smaller than the number of entries

4.Cluster Bomb mode: This mode is improved from Pitchfork mode, that is, the dictionary values corresponding to different variables are perused and combined to achieve different combination attacks

In the figure above, we add only one changed pair, so we only need to select one of the payload sets for simple numeric substitution

“You are in…” You are in… Add it in.

Six. According to the length of screening, get the correct ASCII code

All other table names are tested…….