Try to catch the XSS

Payload length: 0 chars

No brute force please, there is no need