Tryhackme - Introduction to Django


In this walkthrough, we will go through the Introduction to Django room from TryHackMe. This room teaches us about Django, the most popular Python web development framework, and how we can use it to build web applications. So without any delay, let’s get started.


Task 1 – Unit 1: Introduction


Task 2 – Unit 2: Getting started

Question 1 – How would we create an app called Forms?

python3 manage.py startapp Forms

Question 2 – How would we run our project to a local network?

python3 manage.py runserver 0.0.0.0:8000


Task 3 – Unit 3 – Creating a website

Question 1 – Read the above

Done

Task 4 – Unit 4 – Concluding

Question 1 – Flag from GitHub page

The flag

THM{g1t_djang0_hUb}


Task 5 – Unit 5 – CTF

Question 1 – Admin panel flag?

wh1terose@fsociety:~/CTF/TryHackme/Introduction to Django$ ssh [email protected] 
[email protected]'s password: 
Welcome to Ubuntu 18.04 LTS (GNU/Linux 4.15.0-20-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage


 * Canonical Livepatch is available for installation.
   - Reduce system reboots and improve kernel security. Activate at:
     https://ubuntu.com/livepatch

625 packages can be updated.
347 updates are security updates.

Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings


The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

django-admin@py:~$ ls
messagebox
django-admin@py:~$ cd messagebox/
django-admin@py:~/messagebox$ ls
db.sqlite3  lmessages  manage.py  messagebox
django-admin@py:~/messagebox$ cd messagebox/
django-admin@py:~/messagebox/messagebox$ ls
home.html  __init__.py  __pycache__  settings.py  urls.py  views.py  wsgi.py
django-admin@py:~/messagebox/messagebox$ gedit settings.py 
Unable to init server: Could not connect: Connection refused

(gedit:1784): Gtk-WARNING **: 18:43:51.334: cannot open display: 
django-admin@py:~/messagebox/messagebox$ nano settings.py 
django-admin@py:~/messagebox/messagebox$ 

Allowed hosts

django-admin@py:~/messagebox$ python3 manage.py createsuperuser
Username (leave blank to use 'django-admin'): 
Email address: 
Password: 
Password (again): 
This password is too short. It must contain at least 8 characters.
This password is too common.
This password is entirely numeric.
Bypass password validation and create user anyway? [y/N]: y
Superuser created successfully.


Django Administration

THM{DjanGO_Adm1n}

Question 2 – User flag?

Credentials and pastebin

Pastebin Hash

Hash identifier

Hash found

Username: StrangeFox
Password: WildNature

User flag

THM{SSH_gUy_101}

Question 3 – Hidden flag?

django-admin@py:~/messagebox/messagebox$ ls
home.html  __init__.py  __pycache__  settings.py  urls.py  views.py  wsgi.py
django-admin@py:~/messagebox/messagebox$ cat home.html 
{% extends 'base.html' %}
{% block title %}Home page{% endblock %}

{% block content %}
	<body bgcolor="#E6E6FA">
	<h1><center>Message box v1.1</center></h1>
	<br>
	<center><p>Hi! Welcome back to your inbox. Seems like you got a new message!</p></center>
	<center><p>Check it out here:</p></center>
	<center><p><a href="/messages">Messages</a></p></center>
	<!-- Flag 3: THM{django_w1zzard} -->

{% endblock %}

django-admin@py:~/messagebox/messagebox$ 

Hidden flag

THM{django_w1zzard}
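The third flag sat in an HTML comment inside home.html, and HTML comments in a Django template are delivered to every visitor, while {# ... #} and {% comment %} blocks are dropped at render time. The following check is an added example, not part of the room or the original walkthrough; it lists the HTML comments a template would ship to the browser. The sample template is a constructed, shortened version of home.html, and the keyword list and function names are assumptions.

```python
import re
from pathlib import Path

# HTML comments reach the client; Django's own comment syntax is stripped at render time.
HTML_COMMENT = re.compile(r"<!--(.*?)-->", re.DOTALL)
DJANGO_COMMENT = re.compile(
    r"\{#[^\n]*?#\}|\{%\s*comment\b.*?%\}.*?\{%\s*endcomment\s*%\}", re.DOTALL)
# Assumed keyword list: comments matching it deserve a manual review.
SUSPICIOUS = re.compile(r"flag|passw|secret|token|api[_-]?key|credential|todo", re.I)

# Constructed sample based on the home.html shown above.
SAMPLE = """{% extends 'base.html' %}
{% block content %}
<h1>Message box v1.1</h1>
{# constructed: template comment, stripped at render time #}
{% comment %}
<!-- constructed: inside a comment block, never rendered -->
{% endcomment %}
<p><a href="/messages">Messages</a></p>
<!-- Flag 3: THM{django_w1zzard} -->
{% endblock %}
"""


def find_html_comments(template_text):
    """Return (line, comment_text, needs_review) for every HTML comment
    that would be sent to the client."""
    # Blank out Django comments, keeping newlines so line numbers stay correct.
    visible = DJANGO_COMMENT.sub(lambda m: "\n" * m.group(0).count("\n"), template_text)
    findings = []
    for m in HTML_COMMENT.finditer(visible):
        line = visible.count("\n", 0, m.start()) + 1
        body = m.group(1).strip()
        findings.append((line, body, bool(SUSPICIOUS.search(body))))
    return findings


def scan_templates(root):
    """Scan every *.html file under root; return {path: findings}."""
    results = {}
    for path in Path(root).rglob("*.html"):
        hits = find_html_comments(path.read_text(encoding="utf-8", errors="replace"))
        if hits:
            results[str(path)] = hits
    return results


if __name__ == "__main__":
    for line, body, flagged in find_html_comments(SAMPLE):
        print(f"line {line}: {'REVIEW' if flagged else 'info'}: {body}")
```

Notes meant only for developers belong in {# ... #} or {% comment %} blocks, which never leave the server.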



So that was “Introduction to Django” for you. In this module, we learned about the Python web framework Django and how we can start with backend development using it to create web applications. At last, we solved a series of questions that test the concepts and syntax we learned throughout the room. On that note, I will take your leave; till then, “Keep developing”.
