Skip to main content
All CollectionsTroubleshootingTroubleshooting Target Autentication
Troubleshooting: Login failed in target authentication with a login sequence
Troubleshooting: Login failed in target authentication with a login sequence

Learn how to troubleshoot issues in target authentication with a login sequence.

Jaime Vasconcelos avatar
Written by Jaime Vasconcelos
Updated over a week ago

In targets with authentication, Probely scans must log in to reach areas reserved for authenticated users to scan them for vulnerabilities.

The problem

When running scans on a target that uses a login sequence to complete a complex authentication flow, Probely fails to log in.

Troubleshoot the problem

To troubleshoot this problem, go through the following steps to identify the possible causes and respective solutions to fix it.

Step: Check the login sequence

Check if the JSON of the login sequence is still valid as follows:

  1. In the Probely app, go to the TARGETS tab.

  2. Identify the target in the list and click on the cogwheel to open its settings.

  3. In the AUTHENTICATION tab, check the LOGIN SEQUENCE configuration, and download the JSON of the login sequence.

  4. Open a browser, type the target’s URL, and follow the login flow.

  5. On each step:

    1. Right-click and select Inspect to obtain the attributes / CSS selectors that identify the input fields. Learn more about how to obtain a CSS selector.

    2. Take note of those attributes / CSS selectors and the values used in the input fields.

  6. In the JSON of the login sequence, validate the following:

    1. If the sequence follows the login flow.

    2. If the attributes / CSS selectors defined to identify the input fields are correct.

    3. If the values defined for use in the input fields are correct.

If the JSON does not reflect the login flow, Probely scans cannot authenticate.

Check the following possible causes, and apply the respective solution:

Cause

Solution

The login sequence does not follow the login flow.

Record a new login sequence, and add it to the target authentication.

There are input fields in the login sequence with wrong attributes / CSS selectors to identify them in the login flow.

Record a new login sequence, and add it to the target authentication.

There are input fields in the login sequence with wrong values to use in the login flow.

Record a new login sequence, and add it to the target authentication.

After following these steps, identifying the causes, and applying the respective solutions, Probely scans should be able to log in to your target.

Learn more about this subject in the following articles:

Did this answer your question?