Hey!
I used your script to get the permutations of the shortlist and some country codes like 1 or 49 or 211, but when I fuzz the message I cannot get a hit.
Am I using the wrong country codes?
kind regards
porta
Ok, I'm lost. I ran the modified rate_limit.py script against support (all five) and admin (all five). I don't know where to go from there. I haven't tried guest yet. This was the grep command I used:
sudo grep '^[[:upper:]]' '/home/htb-ac397863/Desktop/Useful Repos/SecLists/Passwords/Leaked-Databases/rockyou.txt' | grep '[[:digit:]]$' | grep ":/?#@!$&'*()-_+=,.;%{}" | grep -E '^.{20,}$' > list.txt
The list had a total of 96 passwords. Is this right?
You don't need a password, if you have all the accounts there are … create a token
Edit: true, you first need the password for a support account. Thanks for pointing that out, dfgdfdfgdfd.
Password is quite useful to get a cookie and check the cookie pattern to elevate from support to admin
I ended up getting it and got the flag, but I had to do it manually. @dfgdfdfgdfd you used the rate_limit.py script, right? Could I message you my script, and can you take a look at it to see where I went wrong? @PortaHelle I'm going to message you too.
Can you help me? Which command did you use to make the wordlist? I think I have mistakes in my command: sudo grep '^[[:upper:]]' 'rockyou.txt' | grep '[[:lower:]]' | grep '[[:digit:]]$' | grep -E '^.{20,}' | grep [[:punct:]]
I don’t know if you created an account, but if you did you’re making your list too big.
Take out punct command and make your grep to target these:
I made a new command
sudo grep '^[[:upper:]]' 'rockyou.txt' | grep '[[:lower:]]' | grep '[[:digit:]]$' | grep -E '^.{20,}' | grep '[@#$]'
and found 14 passwords.
But the passwords don't work.
Can I show the passwords which I found?
Hi, I still couldn't find the correct syntax for the usernames. Give me some hints?
Guys I’ve been at this for days. I’ve enumerated the usernames with Burp Suite (really easy) and I’ve figured out the password requirements. I built a grep command that I thought worked, and it gave me about 6 results. I’ve been fiddling with ChatGPT this week and I actually asked it to generate a grep command with the same terms to check mine and, although it structured the command a bit differently, the results were the same (ChatGPT is amazing btw).
I then edited the rate limit script they provided in the module and tested it against the account I created with my password in the list to check if the script works. Which it does.
However, when I use my password list against the support accounts I enumerated I get nothing. What am I doing wrong? Can anyone nudge me in the right direction?
What country codes are you using? I just solved the user-enum part. The country codes are mentioned in the "brute forcing usernames" section.