Dear friends, today I will show you how to resolve the CyberHeroes challenge tryhackme.
Let’s start with a service/port scan
Initial scanning
nmap -sC -sV -p- -Pn $IP
It is evident that there is a web service running on port 80 after some dir busting the only interesting part is the login.html page.
If we examine the source code of the page, we can see that the authenticate() javascript function is invoked when we press the login button.
The function reveals the username and password for the login, however the password must be reversed
It is possible to obtain the reverse password using python
print (“54321@terceSrepuS”[::-1])
We will finally get the flag by providing the credentials found it.
