mirror of
https://github.com/AbdullahRizwan101/CTF-Writeups
synced 2024-11-21 19:43:03 +00:00
Add files via upload
This commit is contained in:
parent
4ce983bd65
commit
b051512396
1 changed files with 43 additions and 0 deletions
43
HackTheBox/MD5-4-life.md
Normal file
43
HackTheBox/MD5-4-life.md
Normal file
|
@ -0,0 +1,43 @@
|
|||
# HackTheBox-Emdee Five For Life
|
||||
|
||||
<img src="https://imgur.com/38Q4TnW.png"/>
|
||||
|
||||
We are presented with this html page having a string and told to encrpyt it with MD5 but when we try to submit it after encrpyting we get a message "Too Slow"
|
||||
|
||||
<img src="https://imgur.com/Cqov6VD.png"/>
|
||||
|
||||
Intercepting the request with `Burp Suite` and found that we have to make a POST request to send the MD5 hash
|
||||
|
||||
<img src="https://i.imgur.com/iOW0886.png"/>
|
||||
|
||||
Also the string is generated randomly so we need to script it and the best language for this is python so I used python libraries `requests` , `hashlib` and `BeautifulSoup`
|
||||
|
||||
```python
|
||||
import hashlib
|
||||
import requests
|
||||
from bs4 import BeautifulSoup
|
||||
|
||||
# Persists cookies across all requests
|
||||
request = requests.session()
|
||||
# URL For the challenge page
|
||||
url = "http://159.65.25.97:31667"
|
||||
page = request.get(url)
|
||||
|
||||
soup = BeautifulSoup(page.content,"html.parser")
|
||||
# Saving the string to be encrpyted
|
||||
string_to_encrpyt = soup.select('h3')[0].text
|
||||
|
||||
# Caluclating hash of the string
|
||||
MD5 = hashlib.md5(string_to_encrpyt.encode('utf-8')).hexdigest()
|
||||
|
||||
# POST data to send
|
||||
data = {'hash' :MD5}
|
||||
|
||||
# Sending data as POST request
|
||||
response = request.post(url,data)
|
||||
print(response.text)
|
||||
```
|
||||
|
||||
<img src="https://i.imgur.com/UOndl6L.png"/>
|
||||
|
||||
We got the flag !!!
|
Loading…
Reference in a new issue