DeepSeek Vulnerability

Published: at 12:22 PM

Requirements

Let’s start…

Open the DeepSeek login page, click on ‘Forgot Password,’ and enter the victim’s account. Then, click on ‘Send Code.’ In Burp Suite, intercept the request, click ‘Continue,’ and capture the request.

You can see that we have captured this request. Now, send it to the Intruder in Burp Suite.

Select the verification code and click on Add §.

Select the payload type as Numbers and set the range. Since the verification code contains six digits, choose a range from 111111 to 999999.

Go to the settings, clear all existing words, and then add the word success.

Why Select “success”?

When performing a brute-force attack on a verification code, we need to identify the correct response from the server.

Start the attack. It will take some time to run because of the large number of items in the list.

You can see that the attack was performed successfully, as it gives us a success response.

Now, we have changed the verification code to 381675 and forwarded the request.

When we forward the request and check in the browser, it asks us to change the password.

Now, you change the password and gain access to the victim’s DeepSeek account.
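The steps above only work when the server keeps accepting guesses against the same six-digit code. The control that stops this is a per-code attempt cap with expiry and single use, sketched here as an added example (not from the original post and not DeepSeek's code; the class, function and policy values are assumptions):

```python
import hmac
import secrets
import time

MAX_ATTEMPTS = 5   # assumed policy: wrong guesses allowed per issued code
CODE_TTL = 600     # assumed policy: seconds a code stays valid


class ResetCodeStore:
    """In-memory stand-in for server-side reset-code state (hypothetical names)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._entries = {}  # account -> [code, expires_at, failed_attempts]

    def issue(self, account):
        # Uniform over 000000-999999; issuing a new code replaces the old one.
        code = f"{secrets.randbelow(10**6):06d}"
        self._entries[account] = [code, self._clock() + CODE_TTL, 0]
        return code  # delivered out of band, never echoed in the HTTP response

    def verify(self, account, guess):
        entry = self._entries.get(account)
        if entry is None:
            return "no_active_code"
        code, expires_at, _ = entry
        if self._clock() > expires_at:
            del self._entries[account]
            return "expired"
        if hmac.compare_digest(code.encode(), guess.encode()):
            del self._entries[account]  # single use
            return "ok"
        entry[2] += 1
        if entry[2] >= MAX_ATTEMPTS:
            del self._entries[account]  # burn the code; later guesses hit nothing
            return "locked"
        return "wrong"


def guesses_until_locked(store, account, real_code):
    """Feed sequential wrong guesses; return how many the server processed."""
    wrong = (f"{g:06d}" for g in range(10**6) if f"{g:06d}" != real_code)
    for n, guess in enumerate(wrong, 1):
        if store.verify(account, guess) != "wrong":
            return n
```

With five guesses per issued code, the chance of hitting the right value is 5 in 1,000,000 per reset request. Limits on how often a code can be requested per account and per source are still needed on top of this.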


Thank you. I hope that you have found this information valuable and helpful. Use it for educational purposes only… 🙂