Tryhackme - Introduction to Django

Tryhackme – Introduction to Django

In this walk through, we will be going through the Introduction to Django room from Tryhackme. This room will teach us about the most popular python web development framework django and how we can use it for the same. So without any delay, let’s get started.

Introduction to Django

Task 1 – Unit 1: Introduction

Task 1 - Unit 1: Introduction

Task 2 – Unit 2: Getting started

Question 1 – How would we create an app called Forms?

python3 startapp Forms

Question 2 – How would we run our project to a local network?

python3 runserver

Task 2 - Unit 2 - Getting started

Task 3 – Unit 3 – Creating a website

Question 1 – Read the above


Task 4 – Unit 4 – Concluding

Question 1 – Flag from GitHub page

The flag


Task 4 - Unit 4 - Concluding

Task 5 – Unit 5 – CTF

Question 1 – Admin panel flag?

wh1terose@fsociety:~/CTF/TryHackme/Introduction to Django$ ssh django-admin@ 
django-admin@'s password: 
Welcome to Ubuntu 18.04 LTS (GNU/Linux 4.15.0-20-generic x86_64)

 * Documentation:
 * Management:
 * Support:

 * Canonical Livepatch is available for installation.
   - Reduce system reboots and improve kernel security. Activate at:

625 packages can be updated.
347 updates are security updates.

Failed to connect to Check your Internet connection or proxy settings

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

django-admin@py:~$ ls
django-admin@py:~$ cd messagebox/
django-admin@py:~/messagebox$ ls
db.sqlite3  lmessages  messagebox
django-admin@py:~/messagebox$ cd messagebox/
django-admin@py:~/messagebox/messagebox$ ls
home.html  __pycache__
django-admin@py:~/messagebox/messagebox$ gedit 
Unable to init server: Could not connect: Connection refused

(gedit:1784): Gtk-WARNING **: 18:43:51.334: cannot open display: 
django-admin@py:~/messagebox/messagebox$ nano 

Allowed hosts

django-admin@py:~/messagebox$ python3 createsuperuser
Username (leave blank to use 'django-admin'): 
Email address: 
Password (again): 
This password is too short. It must contain at least 8 characters.
This password is too common.
This password is entirely numeric.
Bypass password validation and create user anyway? [y/N]: y
Superuser created successfully.

Python3 createsuperuser

Django Administration


Question 2 – User flag?

Credentials and pastebin

Pastebin Hash

Hash identifier

Hash found

Username: StrangeFox
Password: WildNature

User flag


Question 3 – Hidden flag?

django-admin@py:~/messagebox/messagebox$ ls
home.html  __pycache__
django-admin@py:~/messagebox/messagebox$ cat home.html 
{% extends 'base.html' %}
{% block title %}Home page{% endblock %}

{% block content %}
	<body bgcolor="#E6E6FA">
	<h1><center>Message box v1.1</center></h1>
	<center><p>Hi! Welcome back to your inbox. Seems like you got a new message!</p></center>
	<center><p>Check it out here:</p></center>
	<center><p><a href="/messages">Messages</a></p></center>
	<!-- Flag 3: THM{django_w1zzard} -->

{% endblock %}


Hidden flag


Task 5 - Unit 5 - CTF

Also Read: Tryhackme – Intro to Endpoint Security

So that was “Introduction to Django” for you. In this module, we learned about the python web framework, django and how we can start with backend development using it to create web applications. At last, we solves a series of questions which test out the concepts and syntax we have learned throughout the room. On that note, i will take your leave, till then “Keep developing”.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top