[Web] Lernaean

Same here

@stew3254 PM me, I will help with that issue

All I can say is try a bit harder, all the information is there…

I’m stuck on this one. I have used Burp to force through every wordlist on Kali except ‘Rockyou’ with no luck. I have tried to load up ‘RockYou’ but it crashes Burp. Am I missing something here or shall I persist with a way to get ‘RockYou’ working?

pm

I’m trying with Burp and rockyou but it’s too slow, am I on the right track?

@B0bB0b said:
I’m trying with Burp and rockyou but it’s too slow, am I on the right track?

use hydra

Spoiler Removed - Arrexel

@B0bB0b said:
Spoiler Removed - Arrexel

Your command is a little off. You need to use the ‘-s’ flag to specify a port and you need another colon after ‘^PASS^’ for the fail case. It’ll look like “/:password=^PASS^:Invalid password!”

How long does it take to complete! It’s been running since morning! Or am I going wrong!?

@B0bB0b said:
I’m trying with Burp and rockyou but it’s too slow, am I on the right track?

nope

Part of my command isn’t liked by the tool, but I don’t see what is wrong with it; all conditions appear to be present per its help file: -U http-post-form “/:password=^PASS^:Invalid password!”

I don’t know why it is finding an additional colon after the !

Help for module /:password=^PASS^:Invalid password!:

The Module /:password=^PASS^:Invalid password! does not need or support optional parameters

Got it. Simple syntax error.

Hey guys, I’ve gotten to the second part of the challenge and am pretty stuck. I understand that the next solution is with the ETag: “cd-55532bfca8680-gzip”. But I’ve tried intercepting and changing the value and the If-None-Match value; I’ve thrown it in the Repeater… Not quite sure where to go next, still reading up on these parameters.

Can someone suggest a valid wordlist to crack this thing! Tried rockyou and the 10k sec one. Nothing seems to work.

@Boakill said:
Hey guys, I’ve gotten to the second part of the challenge and am pretty stuck. I understand that the next solution is with the ETag: “cd-55532bfca8680-gzip”. But I’ve tried intercepting and changing the value and the If-None-Match value; I’ve thrown it in the Repeater… Not quite sure where to go next, still reading up on these parameters.

Hey @Boakill, did you complete it? I’m stuck in the same place too. Got any suggestions!?

Spoiler Removed - Arrexel

@MorningStar I have not figured it out yet. Haven’t had much time recently. If anyone has any pointers with the CTF part I’d be more than grateful. No spoilers though, still want to figure it out.

I feel blind… It was right in front of my face… My hint for those struggling would be to read everything and make sure you know how to submit the final string. Good luck!!!

Spoiler Removed - Arrexel