STM LMS Bruteforce Exploit with Golang

Get your Login endpoint by visiting the login page of the STM LMS. Open the network tab in Chrome Devtools, get the request URL from the Login action. Put it the url and the targeted username in the .env (see .env.example).

Run go run main to start the brute force process by sending POST requests with password combinations from try.txt file (each password to be tried is separated by new lines). The program will write the correct password in correct_password.txt and logging it in the console.


View Github