Try Hack Me: Advent of Cyber 2021 - Day 3
HTML-код
- Опубликовано: 11 сен 2024
- Play this TryHackMe Room with me tryhackme.com/...
Hi everyone, something a bit different this week, I've worked with TryHackMe to produce a little walkthrough of their day 3 challenge, don't worry if you've not started it's only day 3 and you can totally catch up! If you're not already using TryHackMe it's a CTF/learning platform for learning a bunch of security topics, and if you're used to learning in school you'll probably vibe really well. There are distinct learning paths that they take you through and each one is a little tutorial with some questions at the end. It's really affordable and has a student discount. Full disclosure: This video was not paid for by TryHackMe, I just like the website and said yes when they asked for some help with making videos. They did send me some swag, but that's all.
For more information on the event and giveaway check out tryhackme.com/...
Thank you for the explanation. Also small things like when backing out of a directory saying that you are using the hotkey 'Q', really helps!!
hey! its really hard to see anything on your screen, could you please add a better quality screens or so?
is possible you increase your zoom% in these? Content on your screen is extremely hard to see.
Hi new to the channel. Great video and audio but very hard to see your typing.
Wish the text was a bit bigger
I think this challenge isn't public yet... please let me know...I saw my dashboard still has day 2
it is released now check it again
pretty cool activities !! I learn a lot with this room. Thanks for your video.
Good room as a reminder of some good tools and importance of changing defaults
Thanks Katie! Very easy to follow along and learn a few new tricks along the way, Cheers 🍻
Thanks for this!
Thank you for the walk through!
Thanks THM; a fun way to learn.
BUT - the idea of manually "trying" various passwords is the opposite of the goal of this room IMO, especially since it states "we can use tools to do this process for us at a considerably faster rate". I tried ffuf [which I was introduced to through THM - thanks!] but to no avail. Can someone offer suggestions on how to use a tool [vs guessing] to discover administrator's password?
I wouldn’t usually “guess” passwords either but it’s always worth checking admin/admin or googling for default passwords if it’s a deployable software because it takes a few secs but can be really useful. If you want to brute force you can try the rockyou.txt password list with something like ffuf or intruder. It’s also on THM and the attack box
You can try with Brup and the intruder. You intercept the post request, send it to the intruder and with a payload (wordlist in burp), you can try a list of password.
In the case of the event, I was able to find the password in the folder admin in a javascript file. I don't remember the name exactly but it was in the admin folder of the webserver. It was possible to find the password in a simple else/if statement :)
Happy Christmas-hacking :D
Great explanation! Thank you for uploading
For some reason when typing in the machine address to view the web page I get an error and the page doesn't load :/. Anyone else get this issue? I had to get the answers from this video but still learned a bit from this.
For me, the page didn't load as well. I stopped the page from loading and then it appeared. Don't know why. For a reason, it doesn't stop loading while showing nothing until I stopped it from loading and the page appears. Then I could do the task.
Whats really funny is when i tried to use firefox with try hack me IT LOOKED NOTHING LIKE THE THE EXAMPLES ON THE SCREEN THAT THEY SHOW YOU!!
I love it ! did it today
just now got here...
chef wuz here
In norway advent calanders are realy common
thanks for the content \o/
Hey, can you do a series of web security academy of portswigger? Its hard for me to understand even with the solutions and don't seem to find descriptive solution on youtube
Yes! Totally will :D
Great explanation thanks !!
Thanks for the video.
Well done! Thank you! made a abo!
This one was too ez
volume is way too low but thanks anyway :)
cOOL!
This one was hard for me
More cool stuff
Its not as easy as they say it is
احبش
tq for your kind information i love it