Hello Hackers!
Today I am going to talk about Lernaean Web Challenge in HTB.
As it is written “Don not guess the password”, I thought the flag could be the reverse of this statement, so I just tried to guess the password by trying the common passwords eg admin, password but it did not work, and keep in mind the error message that appears “Invalid password!”
As the field does not have an input validation and the error message appears, I tried to do SQL injection using burp suite, but it did not work
I just googled the name of the website “Lernaean” and look what appeared!
Hydra sounds familiar right? lets go to it
I ran hydra using the per-installed world list
lets break what I wrote hydra -l admin -P /usr/share/wordlists/rockyou.txt docker.hackthebox.eu http-post-form ‘/:password=^PASS^:Invalid password!’ -s 30401
- -l for the username which is admin
- -p for the password worldlist
- then the website’s address
- http-post-form means the type of the request
- ‘/:password=^PASS^ means i want hydra to brute force the password
- :Invalid password! is the error message that appears when you entered a wrong password
- -s means the port
as it appears, the password is leonardo so I put this password in the captured request and the flag appeared
