
Bypassing Google Authenticator (otpCode). Changing the POST request.

seblezer (floppy disk, User) · Registered: 16.08.2020 · Messages: 1 · Reactions: 0
I need to perform an action on a site that requires confirmation with a code from Google Authenticator.
When I enter the code and press "submit", the following POST request is generated:

POST /ubql?rq=Name_A.performAction&uitag=frm-Name_B HTTP/1.1
Host: www.website.com
Content-Length: 7649
Sec-Ch-Ua: " Not A;Brand";v="99", "Chromium";v="92"
Accept: application/json, text/plain, */*
Authorization: ***
Sec-Ch-Ua-Mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json;charset=UTF-8
Origin: https://website.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://website.com/
Accept-Encoding: gzip, deflate
Accept-Language: ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7
Connection: close
[{"entity":"Name_A",
"method":"performAction",
"privCode":"Description",
"otpCode":"123456",
"instance":"Do something"}]
---
On the server the otpCode is checked and, if the check succeeds, "instance":"Do something" is executed. If the code is wrong, I get the following POST response:
---
HTTP/1.1 500 Internal Server Error
Server: nginx
Date:
Content-Type: application/json; charset=UTF-8
Content-Length: 87
Connection: close
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, LOCK, OPTIONS
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *

{"success":false,
"errCode":0,
"errMsg":"<<<otpCode is wrong>>>"}
---
Is there any way to modify the request so that several otpCode variants are specified (for example "otpCode":"123456"or"654321"or"...") and the server checks each of the different otpCodes?
---
Suppose that the code "654321" is correct. With the following changes to the request, the server returns the following response:
"otpCode":"123456"or"654321" - {"success":false,"errCode":0,"errMsg":"HTTP Error 500 - Internal Server Error"}
"otpCode":"123456"||"654321" - {"success":false,"errCode":0,"errMsg":"HTTP Error 500 - Internal Server Error"}
"otpCode":"123456"|"654321" - {"success":false,"errCode":0,"errMsg":"HTTP Error 500 - Internal Server Error"}
"otpCode":"123456|654321" - {"success":false,"errCode":0,"errMsg":"<<<otpCode is wrong>>>"}
"otpCode":"123456||654321" - {"success":false,"errCode":0,"errMsg":"<<<otpCode is wrong>>>"}
"otpCode":"123456or654321" - {"success":false,"errCode":0,"errMsg":"<<<otpCode is wrong>>>"}
"otpCode":123456or654321 - {"success":false,"errCode":0,"errMsg":"HTTP Error 500 - Internal Server Error"}
"otpCode":123456||654321 - {"success":false,"errCode":0,"errMsg":"HTTP Error 500 - Internal Server Error"}
"otpCode":123456|654321 - {"success":false,"errCode":0,"errMsg":"HTTP Error 500 - Internal Server Error"}
"otpCode":"true" - {"success":false,"errCode":0,"errMsg":"<<<otpCode is wrong>>>"}
"otpCode": true - {"success":false,"errCode":0,"errMsg":"<<<otpCode is wrong>>>"}
"otpCode":"false" - {"success":false,"errCode":0,"errMsg":"<<<otpCode is wrong>>>"}
"otpCode":false - {"success":false,"errCode":0,"errMsg":"<<<No otpCode specified>>>"}
request without otpCode line (deleted line) - {"success":false,"errCode":0,"errMsg":"<<<No otpCode specified>>>"}
"otpCode":" " - {"success":false,"errCode":0,"errMsg":"<<<otpCode is wrong>>>"}
"otpCode":"" - {"success":false,"errCode":0,"errMsg":"<<<No otpCode specified>>>"}
"otpCode": - {"success":false,"errCode":0,"errMsg":"HTTP Error 500 - Internal Server Error"}

several otpCode lines:
"otpCode":"123456"
...
"otpCode":"654321" - {"success":false,"errCode":0,"errMsg":"<<<OTPCode is wrong>>>"}
---


Are there any other ways to achieve this?
 
So you want to do SQL injection, I am guessing; if it's a string it just checks it against one otpCode. The first signs are not looking good because the "or" isn't working.
But you could try a lot of techniques. What if you add "--" to the end? That ends the query at that point, which perhaps will not give the 500 server error.
And if you only want to check multiple otpCodes without injection, then you can make a script out of it in PHP that loops the requests with Curl.
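As an added example (written here, not code from either poster or from the site in the thread), this is what the otpCode check on the receiving end looks like when it is built so that none of the probes above get anywhere: the `[{"entity":..., "otpCode":...}]` body is parsed strictly, only a six-digit string is ever compared (in constant time), every bad value returns one identical failure message, and repeated failures lock the account, which also covers the curl loop suggested in the reply. `verify_otp_request`, the account name, `expected_code` and the lockout thresholds are assumptions; in a real deployment the expected code would be derived from the account's TOTP secret.

```python
import hmac
import json
import re
import time
from collections import defaultdict

# Constructed server-side check for the otpCode field; names and policy
# values below are assumptions, not the real code of the site in the thread.
OTP_RE = re.compile(r"^[0-9]{6}$")
MAX_FAILURES = 5      # assumed policy: lock the account after 5 bad codes
LOCK_SECONDS = 300    # assumed policy: failures expire after 5 minutes
FAIL_MSG = {"success": False, "errCode": 0, "errMsg": "otp verification failed"}

_failures = defaultdict(list)  # account -> timestamps of recent failed attempts


def _recent_failures(account, now):
    """Drop expired failures for the account and return the ones still counted."""
    recent = [t for t in _failures[account] if now - t < LOCK_SECONDS]
    _failures[account] = recent
    return recent


def verify_otp_request(raw_body, account, expected_code, now=None):
    """Check the JSON body of the performAction request; return (status, body).

    Every malformed or wrong otpCode takes the same failure path, so the
    caller cannot tell "wrong code", "empty", "boolean" and "missing" apart.
    """
    now = time.time() if now is None else now
    if len(_recent_failures(account, now)) >= MAX_FAILURES:
        return 429, {"success": False, "errCode": 0, "errMsg": "too many attempts"}
    try:
        payload = json.loads(raw_body)
    except ValueError:
        # "123456"or"654321" and friends are not JSON; reject before touching the OTP.
        return 400, {"success": False, "errCode": 0, "errMsg": "malformed request"}
    if not (isinstance(payload, list) and len(payload) == 1 and isinstance(payload[0], dict)):
        return 400, {"success": False, "errCode": 0, "errMsg": "malformed request"}
    code = payload[0].get("otpCode")
    # Only a string of exactly six digits is even compared; true/false, numbers,
    # "", " " and "123456|654321" are all rejected here with the same message.
    if isinstance(code, str) and OTP_RE.fullmatch(code) \
            and hmac.compare_digest(code.encode(), expected_code.encode()):
        _failures.pop(account, None)   # success clears the counter
        return 200, {"success": True, "errCode": 0, "errMsg": ""}
    _failures[account].append(now)
    return 401, dict(FAIL_MSG)
```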
 

