Know the people who do insurance.

Request a Login

If you have not downloaded the username list, do so here. If you have, proceed to the next hint.

BurpSuite is a handy tool for automating requests.

  1. Download the username list to your downloads directory
  2. Launch BurpSuite
  3. Depending on your BurpSuite configuration, either launch the BurpSuite browser or use a Browser Extension
  4. Browser -> Fill out the user profile registration form manually with any info you want
  5. BurpSuite -> Proxy Tab -> Turn on intercept to start capturing traffic
  6. Browser -> Click register button to submit the form
  7. BurpSuite -> You should see the /api/users OPTIONS request -> Forward
  8. You should see the /api/users POST request -> Right Click -> Send to Intruder
  9. Toggle the proxy intercept off -> Go to the Intruder tab
  10. Highlight the email address you used inside the double quotes -> Click the 'Add §' button next to POSITIONS to make it a position variable
  11. In the 'Payload Configuration' section click Load -> Select the EMAIL_LIST.txt file
  12. In the 'Payload Encoding' section, toggle off URL Encoding
  13. Click the Start Attack button -> Wait for the attack to finish -> Sort by response codes
  14. Select the one with the 418 response code -> Review the request and see the email was atorres@gmail.com
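
From the defending side, the run above shows up in the API's access log as a burst of POST requests to /api/users from one client, with a single odd status code among them. The following is an added example, not part of the original walkthrough: it flags such bursts. The log layout, the IP addresses, the 400 and 201 responses, and the window and threshold values are assumptions made for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines; the "time ip method path status" layout is an assumption.
SAMPLE_LOG = [
    "2024-05-01T10:00:00 203.0.113.7 OPTIONS /api/users 204",
    "2024-05-01T10:00:01 203.0.113.7 POST /api/users 400",
    "2024-05-01T10:00:02 203.0.113.7 POST /api/users 400",
    "2024-05-01T10:00:03 203.0.113.7 POST /api/users 400",
    "2024-05-01T10:00:04 203.0.113.7 POST /api/users 418",
    "2024-05-01T10:00:05 203.0.113.7 POST /api/users 400",
    "2024-05-01T10:00:06 203.0.113.7 POST /api/users 400",
    "2024-05-01T10:03:00 198.51.100.20 POST /api/users 201",
    "2024-05-01T10:45:00 198.51.100.20 POST /api/users 400",
    "not a log line",
]

def parse(line):
    """Return (time, ip, method, path, status), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 5:
        return None
    try:
        return datetime.fromisoformat(parts[0]), parts[1], parts[2], parts[3], int(parts[4])
    except ValueError:
        return None

def detect_enumeration(lines, window=timedelta(seconds=60), threshold=5):
    """Flag clients whose POST /api/users count inside any window reaches threshold."""
    hits = defaultdict(list)
    for ts, ip, method, path, status in filter(None, map(parse, lines)):
        if method == "POST" and path == "/api/users":
            hits[ip].append((ts, status))
    flagged = {}
    for ip, events in hits.items():
        events.sort()
        start, best = 0, 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[ip] = {"burst": best, "statuses": dict(Counter(s for _, s in events))}
    return flagged

if __name__ == "__main__":
    for ip, info in detect_enumeration(SAMPLE_LOG).items():
        print(ip, info)
```

The per-status counts in each flagged entry show whether the endpoint answered one request differently from the rest, which is the signal the response-code sort in step 13 relies on.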