Closed missing0x00 closed 2 weeks ago
@missing0x00 Just wanting to do some due diligence before merging since I don't have a good way to test this right now.
@knavesec Great questions, I would love to test it more extensively as well.
pf.pass
field since this is likely a success. This is also part of why I left in the code to retrieve the ping-messages
portion of the response.Also update the readme with the new plugin and add yourself to the credits if desired
Main requirement for the Ping authentication flow is that it needs a new URI and cookie value with each request, otherwise it will start returning "page expired" warnings.
I included a section which will append the "ping-messages" div from the response to ensure accuracy. This can be removed if it's too verbose, most of the messages will just be "We didn't recognize the username or password you entered. Please try again."