Details are described in our advisory.
In the corresponding blog post the vulnerability CVE-2023-33243 is used as an example to describe how we generally approach the analysis of authentication mechanisms and identify misconceptions we encounter during our pentest engagements.
Install Python libraries requests and click.
python3 login.py --url [URL] --login [Login ID] --pwhash [SHA512 Password Hash]