Broken_Authentication

CrazyHorse302 · April 25, 2022, 4:53pm

So far I have two areas that I could use some help with. The questions on Predictable Reset Token section is the first one. I did post a question to another thread regarding this but have not got any response as of yet. Basically I am not sure I am doing the epoch time portion correctly…

My other question is on the guessable answers section. I was able to guess the answer but I would like to understand how to run the python script referenced as well (it is used later in the module as well). I dont understand how to point the python script at my wordlists. Any help would be great! Thank you.

octimus96 · May 12, 2022, 3:13pm

what wordlist do you use to get the answer???

CrazyHorse302 · May 13, 2022, 4:17am

for which part?

octimus96 · May 13, 2022, 10:39am

on guesseable answer

CrazyHorse302 · May 14, 2022, 1:25am

I never found one. I guessed the answer…

octimus96 · May 14, 2022, 1:27am

really??? there exist a lot of boxes, can you give me a hint?

CrazyHorse302 · May 14, 2022, 1:30am

sure, the one I figured out was the color. If you want a hint on the color I can do that but it will give it away I’m sure.

octimus96 · May 14, 2022, 10:15am

thanks, one last question the excersise of reset token in predictable reset token “Request a reset token for htbuser and find the encoding algorithm, then request a reset token for htbadmin to force a password change and forge a valid temp password to login. What is the flag?” i can find the htbuser reset token but i cant figurate how i can get the htbadmin

Darcia · July 19, 2022, 11:48am

Yes, I support it, it would be great if someone gave a hint for these two tasks.

How to forge a valid temporary login password for htbadmin
How would I configure the predictable_questions_py script so that it would sort out the question options for htbadmin

Darcia · July 26, 2022, 12:26pm

I managed to guess the color in the “Guessable Answers” task, but I really want to understand how the script works.
How to adapt the script that was given as an example in that task.
(https://academy.hackthebox.com/storage/modules/80/scripts/predictable_questions_py.txt)
Who completed the task using a script and not guessing the answer to the question?

lucazzz · August 11, 2022, 4:43pm

About predictable questions, I completed the task with my own scripts. I just cycled for the HTB Boxes machines. Scaping the HTB site, I got my wordlist of known and predictable answers. Hope this could help.

lucazzz · August 11, 2022, 4:53pm

For the epoch time, I got some problems with the datetime displayed. Because I didn’t get either the htbuser token into a small timeshift, I figured out that something could be messing with the time.
Then I got the hash. Find the right time locally for the htbuser and then use it as the base time for the online tests… Hope this would help.

Haxerr · January 14, 2023, 7:43am

Just completed it using Burp and Script both! Actually the script is pretty easy to use, we just had to change the target url and question to our preferred one. Then to run the script we had to provide a payload list e.g. python script.py payloads.txt
That’s it!
The script basically sends POST request with our payload as answer to the question and checks for invalid string. If found, the answer wasn’t correct (needle, haystack)

Darcia · January 15, 2023, 12:22pm

Thanks for the answer, I’ll have to check it out!