Vernilo hacks stuff
  • Home
  • 📦Hack The Box Write-ups
    • 📋Challenges
      • 🟢Reversing: Baby RE
      • 🟢Crypto: Templed
      • 🟢Crypto : Bank Heist
      • 🟢Web: emdee five for life
      • 🟠Web: Freelancer
    • 🖥️Machines
      • 🟢Spectra
      • 🟢Blunder
      • 🟢Cap
      • 🟢Knife
      • 🟠The Notebook
  • 🌧️Try Hack Me Write-ups
    • 🟢RootME
    • 🟢Pickle Rick
    • 🟢Ignite
    • 🟢Bounty Hacker
    • 🟠Dogcat
  • 📝Blog Posts
    • 🔗Understanding potential vulnerabilities in authentication mechanisms
Powered by GitBook
On this page

Was this helpful?

  1. Hack The Box Write-ups
  2. Challenges

Web: emdee five for life

PreviousCrypto : Bank HeistNextWeb: Freelancer

Last updated 3 years ago

Was this helpful?

Description

"Can you encrypt fast enough?"

the site has a field that asks for an encrypted text in md5:

but when we encrypt and put it manually, it says we are too slow, and gives another text

we deduce that we have to automate to make it fast

for this I used python3, with the libs : requests, hashlib and bs4

requests to make the connection to the site; hashlib to encrypt the text in md5; bs4 to get the text that will be encrypted;

so I wrote the code:

import requests
from hashlib import md5
from bs4 import BeautifulSoup

site = "http://docker.hackthebox.eu:31014/"

r = requests.session()
getreq = r.get(site)
h3tag = BeautifulSoup(getreq.text, 'html.parser').find('h3')
Encrypted = md5((str(h3tag)[19:-5]).encode("utf-8")).hexdigest()
data = {'hash':Encrypted}
send = r.post(site,data)
print(send.text)

it connects to the site, finds the h3 tag, takes what it contains, encrypts and sends it as data

this give us the flag

📦
📋
🟢
image
image