Is it possible to avoid the auto account lock in Linux

20 pts.
Tags:
kali linux
Linux
Security
For learning purposes, as an ethical hacking, I'm trying to preform an dictionary attack on my own web page, put off-course the account lock after certain number of field attempts. So my question is can I or anyone bypass this and avoid the auto account lock? And how?

Software/Hardware used:
kali linux, burp suit

Answer Wiki

Thanks. We'll let you know when a new response is added.

The only way to know this is to determine if any part of the account login mechanism can be manipulated to prevent accounts from locking. You usually cannot bypass this since the locking function is often performed at a different layer. This is especially true if you’re looking to try hundreds or thousands of login attempts. Here are some pieces I’ve written on web application vulnerability and penetration testing that might prove helpful.

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • ToddN2000
    Must be a tough feat as we all know some of out smartphones will fail after a set number of attempts. The FBI was fighting Apple for the key so they could try to crack into a suspected terrorist phone. I know for our system, an iSeries, the login profile gets disabled after 3 attempts.
    It then has to be reactivated by the security officer. 
    102,585 pointsBadges:
    report
  • TheRealRaven
    What desktop are you running? I could possibly start up a recent Kali instance to see what the default is, but that has no guarantee for yours.

    Easiest way for a Gnome-based desktop is to install dconf-editor to modify the desktop configuration. Tweak the appropriate settings for your needs.

    What specific problem does the account lock cause?
    24,415 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: