Skills Assessment - Broken Authentication

Hey!

I used your script to get the permutations of the shortlist and some country codes like 1 or 49 or 211, but when I fuzz the message I cannot get a hit.
Am I using the wrong country codes?

kind regards
porta

Ok, I’m lost. I ran the modified rate_limit.py script against support (all five) and admin (all five). I don’t know where to go from there. I haven’t tried guest yet. This was the grep command I used:

sudo grep '[[:upper:]]' '/home/htb-ac397863/Desktop/Useful Repos/SecLists/Passwords/Leaked-Databases/rockyou.txt' | grep '[[:digit:]]$' | grep ":/?#@!$&'*()-_+=,.;%{}" | grep -E '^.{20,}$' > list.txt

The list had a total of 96 passwords. Is this right?


You don’t need a password; if you have all the accounts there are … create a token.

Edit: true, you first need the password for a support account. Thanks for pointing that out, dfgdfdfgdfd.

The password is quite useful to get a cookie and check the cookie pattern to elevate from support to admin.


I ended up getting it and got the flag, but I had to do it manually. @dfgdfdfgdfd you used the rate_limit.py script, right? Could I message you my script so you can take a look at it and see where I went wrong? @PortaHelle I’m going to message you too.

Can you help me? Which command did you use to make the wordlist? I think I have mistakes in my command: sudo grep '[[:upper:]]' 'rockyou.txt' | grep '[[:lower:]]' | grep '[[:digit:]]$' | grep -E '^.{20,}' | grep '[[:punct:]]'


I don’t know if you created an account, but if you did, you’re making your list too big.

Take out the punct command and make your grep target these:

I made a new command:
sudo grep '[[:upper:]]' 'rockyou.txt' | grep '[[:lower:]]' | grep '[[:digit:]]$' | grep -E '^.{20,}' | grep '[@#$]'

and found 14 passwords.
But the passwords don’t work.
Can I show the passwords I found?

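To see concretely why the reply above says `[[:punct:]]` makes the list too big, here is the filter pipeline from this thread packaged as a small script (an added example, not any poster’s code), run over a constructed sample list instead of rockyou.txt. The two functions differ only in the special-character class; the policy assumed is the one the thread states: an uppercase letter, a lowercase letter, a trailing digit, 20+ characters and a special character.

```shell
#!/bin/sh
# Added example, not from the thread: the posters' grep pipeline as functions,
# so the broad [[:punct:]] class can be compared with the narrow [@#$] set.

# Policy filter using the POSIX punctuation class (matches any ASCII symbol).
filter_punct() {
  grep '[[:upper:]]' | grep '[[:lower:]]' | grep '[[:digit:]]$' \
    | grep -E '^.{20,}$' | grep '[[:punct:]]'
}

# Policy filter narrowed to the three symbols the later post settles on.
filter_narrow() {
  grep '[[:upper:]]' | grep '[[:lower:]]' | grep '[[:digit:]]$' \
    | grep -E '^.{20,}$' | grep '[@#$]'
}

# Constructed sample candidates (made up for this example, not from any leak).
SAMPLE='password123
SuperLongPassphrase#2023
Hyphenated-Passphrase-Example-7
shortUpper$9
alllowercasepassphrase#1
Uppercase@WithSymbolButNoDigit
Another$LongPassphraseEnding9'

# Count how many sample lines survive each filter.
count_punct()  { printf '%s\n' "$SAMPLE" | filter_punct  | wc -l | tr -d ' '; }
count_narrow() { printf '%s\n' "$SAMPLE" | filter_narrow | wc -l | tr -d ' '; }

echo "punct class: $(count_punct) candidates"   # 3 (the hyphenated one slips in)
echo "narrow set:  $(count_narrow) candidates"  # 2
```

The hyphenated candidate passes `[[:punct:]]` but not `[@#$]`, which is exactly the extra bulk the reply is talking about.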

Hi, I still couldn’t find the correct syntax for the usernames. Can you give me some hints?

Guys I’ve been at this for days. I’ve enumerated the usernames with Burp Suite (really easy) and I’ve figured out the password requirements. I built a grep command that I thought worked, and it gave me about 6 results. I’ve been fiddling with ChatGPT this week and I actually asked it to generate a grep command with the same terms to check mine and, although it structured the command a bit differently, the results were the same (ChatGPT is amazing btw).

I then edited the rate limit script they provided in the module and tested it against the account I created with my password in the list to check if the script works. Which it does.

However, when I use my password list against the support accounts I enumerated I get nothing. What am I doing wrong? Can anyone nudge me in the right direction?

What country codes are you using? I just solved the user-enum part. The country codes are mentioned in the “brute forcing usernames” section.