The Dutch Hacker
Introduction to Django on tryhackme

Introduction to Django on Tryhackme

This is the write up for the room Introduction to Django on Tryhackme and it is part of the Web Fundamentals Path

Make connection with VPN or use the attackbox on Tryhackme site to connect to the Tryhackme lab environment.

Tasks Introduction to Django

Task 1

Read all that is in the task and press complete

Task 2

First create a new directory to hold the project. Type in

mkdir django
django-admin startproject Thebeginning

The navigate into the drectoy by typing

cd Thegebinning

then type

python3 manage.py migrate

To start it al up type in the command

python3 manage.py runserver

Now navigate with firefox to the IP giving the the terminal

Now press control + c in the terminal to backout of the website and type in the follwoing command

python3 manage.py createsuperuser

now startup the server again by typing

python3 manage.py runserver

Navigate to

http://127.0.0.1:8000/admin/

and login

Introduction to Django tryhackme

The answer of the questions in this task can be found in the tekst of the task

2.1 How would we create an app called Forms? 

Answer: python3 manage.py startapp forms

2.2 How would we run our project to a local network?

python3 manage.py runserver 0.0.0.0:8000

Task 3

Read all that is in this task and follow along then press complete

Task 4

Open this github page that is in the task and look at the bottom to find the flag

Task 5

Startup the machine attached to the task. Then ssh into the machine by typing

When navigating to the site we see we are not allowed

Introduction to Django tryhackme

We need to fix this first. Let’s ssh into the machine

ssh django-admin@MACHINE_IP

Use the password giving in the task.

Introduction to Django tryhackme

Now add theIP to the allowed host

Introduction to Django tryhackme

if we now visit the site we see

Introduction to Django tryhackme

When reading the message we see nothing of interest. Let’s see if we can see the admin page.

admin logn

We do not have those credentials but we can create it

Type in the following in the terminal.

python3 manage.py createsuperuser
Introduction to Django tryhackme

Now login in

Click on users and see the first flag

ALs notice the SSH username. It has a hash. When we navigate to the pastebin.com we see the hash/Copy this hash and head over to crtackstation.net and put in the hash. You now have the password

So we have a username StrangeFox and the password we have from the hash. Now login with these creadentials trough ssh

user flag

Now we have the second flag

Back to the terminal where we are login in as django-admin. If you are logged out then ssh back in. When looking around I notice one file that was not covered in all the task

cat the home.html and find the last flag
last flag

Most Popular Post

Sign Up

Signup today for free and be the first to get notified on new updates.
* indicates required

Follow Me

Most Popular Post

Contact Us