[Web] Lernaean

Comments

  • Peace of Cake :bleep_bloop:

  • edited April 2018

    Spoiler Removed - Arrexel

  • I'm assuming it's probably not running on port 80?

    When you get stuck like this, try running through Burp so you can see what's happening. You can set a listener on port 80 and tell it to pass all traffic to the IP/port of the challenge. Then you can direct your tool at localhost port 80 and see what's happening.

  • This thread was full of spoilers. Please be more careful about what information you post about challenges/machines.

    Arrexel

  • edited April 2018

    Spoiler Removed - Arrexel

    d3m0nr007

  • edited April 2018

    @d3m0nr007 said:
    Spoiler Removed - Arrexel

    I struggled with that as well. Just carefully go over the Spoiler Removed - Arrexel you should get it.

  • edited April 2018

    Oh my god.... Am I blind?? It was just over there and I didn't see it. Thanks. Just gone through the data really carefully.

    @it4chi said:

    @d3m0nr007 said:
    I found the password but I am stuck in the second part. I am intercepting the requests and I can see the responses. I found the tag. Don't know what to do next. Hints please...

    I struggled with that as well. Just carefully go over the Spoiler Removed - Arrexel you should get it.

    d3m0nr007

  • I am a complete noob. What am I missing? It looks like Hydra gave me the password and I type it in, but it's still invalid. I'm reading everything on every tab, but it's all like reading hieroglyphs.

  • Can someone give a hint, please? I'm using Hydra with http-post-form without ^USER^; am I on the right track? Some passwords with these params get a response without "Invalid password!", but they still don't work. I'm already doing interception with Burp, but can't figure out anything unusual. What do I need to notice?

  • Hey guys, I need some hint on the part after I intercept the message with HTB..... What do I do with it? Can't figure it out.

    Thanks!

  • edited April 2018

    Spoiler Removed - Arrexel

  • edited April 2018

    Spoiler Removed - Arrexel

  • edited April 2018

    Spoiler Removed - Arrexel

  • edited April 2018

    @BernardoPie said:
    Spoiler Removed - Arrexel

    Take a look at the comment above. You are on the right path.

  • edited May 2018

    I've got a flag in the correct format HTB{string} but it is not validating. Any hints?

    // edit: it actually accepted it, it's just saying that it's invalid.

  • Well that was frustrating. I was sure the flag was right, but it wouldn't accept. Look at it from a different perspective and it all made sense.

  • edited May 2018

    I'm still having trouble with the 2nd part. I'm looking at the response but I don't know what to look for.

  • edited June 2018

    I am stuck at the first part.
    1) How many passwords am I supposed (and allowed) to bruteforce?
    I wrote a simple JavaScript script and tried all passwords in
    http://downloads.skullsecurity.org/passwords/john.txt.bz2
    and
    http://downloads.skullsecurity.org/passwords/500-worst-passwords.txt.bz2
    HackTheBox rules state that "Any form of DoS (Denial of Service) is forbidden" so I am a bit hesitant to bruteforce the whole rockyou set.
    2) People here write about using Hydra and Burp. Is there something special about using those programs or is it just a way not to write your own bruteforcing script?

    Update: Password is found but the first question remains for other challenges of the site: how much am I allowed to bruteforce?

    Update 2: Solved but the questions remain

  • @nns2009 said:
    I am stuck at the first part.
    1) How many passwords am I supposed (and allowed) to bruteforce?
    I wrote a simple JavaScript script and tried all passwords in
    http://downloads.skullsecurity.org/passwords/john.txt.bz2
    and
    http://downloads.skullsecurity.org/passwords/500-worst-passwords.txt.bz2
    HackTheBox rules state that "Any form of DoS (Denial of Service) is forbidden" so I am a bit hesitant to bruteforce the whole rockyou set.
    2) People here write about using Hydra and Burp. Is there something special about using those programs or is it just a way not to write your own bruteforcing script?

    Update: Password is found but the first question remains for other challenges of the site: how much am I allowed to bruteforce?

    Update 2: Solved but the questions remain

    You don't need bruteforce; try to understand how login works on this website.

  • @justromeo said:
    You don't need bruteforce; try to understand how login works on this website.

    Do you want to say that this challenge allows multiple solutions?
    I would assume that challenges not designed to be bruteforced would have a strong enough password.

  • @nns2009 said:

    @justromeo said:
    You don't need bruteforce; try to understand how login works on this website.

    Do you want to say that this challenge allows multiple solutions?
    I would assume that challenges not designed to be bruteforced would have a strong enough password.

    This challenge is designed to be brute forced. I'm not sure there's a hard and fast rule on DoS (for challenges), but there are definitely some challenges where throwing rockyou at the running service is the correct thing.

    drtychai

  • Solved it in a minute. Feel free to ping me up if you need guidance.

  • @FloptimusCrime said:

    @atti said:
    Spoiler Removed - Arrexel, can't get the second part. I am intercepting but I can't find the redirect.

    Check all the tabs in Burp proxy

    Guys that are logged in and are stuck should really follow @FloptimusCrime's responses: check all tabs in the Burp intercept response tab.

  • The tips are on the login page, read carefully, after completing the first part, intercept the request and use the head, if necessary, repeat.

  • I use Hydra and Burp to do this.
    PM if you need a tip :)

    sckull

  • If you need subtle hints and some education with it, feel free to PM :D

  • I'm using Burp and Hydra, but can anyone point me to a tutorial/hints on how it's done so much faster? There must be another way than brute forcing it.

  • @GChester google out Lernaean.

    pzylence
    OSCP

  • Problem solved. I’d got my syntax wrong...
  • solved, instructive challenge

    TheInnocent

    "I recognize, Mr. Reese, that there's a disparity between how much I know about you and how much you know about me. I know you'll be trying to close that gap as quickly as possible. But I should tell you... I'm a really private person."
