[Web] Lernaean

maybe i just got the wrong tools

@Punchlinekoala said:
i seem to have the wrong wordlist - does anybody used the rockyou lists? Intruder is running wild…

your comment is kind of spoiler :3

@D4n1aLLL said:

@Punchlinekoala said:
i seem to have the wrong wordlist - does anybody used the rockyou lists? Intruder is running wild…

your comment is kind of spoiler :3

Well - hope the edit helps

anyone can help me …i used a lot of tools also and some takes a huge time… i have a lot of trouble to bypass … plz help

@CADMUX said:
anyone can help me …i used a lot of tools also and some takes a huge time… i have a lot of trouble to bypass … plz help

I had the same issue where it was going very slowly, try changing the number of threads it uses.

I have managed to log in but im not sure what to do now (SPOILER)

! I see in the header that Etag:““cd-55532bfca8680-gzip”” and Accept-Encoding:gzip, deflate. What i understand from this is that there is a gzip file which i somehow need to request and it will download - how do i do this? any help please

@ninjat looks like that’s a bit of a rabbit hole, but who knows

@ninjat try and login with a lower level “client”, or interecept the response after submitting the form.

Hints you guys mentioned are more than enough to solve this challenge. after spending couple of day i did laugh at me. Thank you buddies

I’m still having trouble with hydra. Can someone help me?

Same here

@stew3254 PM me i will help about that issue

All i can say is try a bit harder, all the information is there…

Im stuck on this one. I have used Burp to force through every wordlist on Kali except ‘Rockyou’ with no luck. I have tried to load up ‘RockYou’ but it crashes Burp. Am I missing something here or shall I persist with a way to get ‘RockYou’ working?

pm

Im trying with Burp and rockyou but it’s too slow, I’m on right track?

@B0bB0b said:
Im trying with Burp and rockyou but it’s too slow, I’m on right track?
use hydra

Spoiler Removed - Arrexel

@B0bB0b said:
Spoiler Removed - Arrexel

Your command is a little off. You need to use the ‘-s’ flag to specify a port and you need another colon after ‘^PASS^’ for the fail case. It’ll look like “/:password=^PASS^:Invalid password!”

how long does it take to compelete! its been running since morning! or am i going wrong!?

@B0bB0b said:
Im trying with Burp and rockyou but it’s too slow, I’m on right track?

nope