In this walk through, we will be going through the Introduction to Django room from Tryhackme. This room will teach us about the most popular python web development framework django and how we can use it for the same. So without any delay, let’s get started.
Task 1 – Unit 1: Introduction
Task 2 – Unit 2: Getting started
Question 1 – How would we create an app called Forms?
python3 manage.py startapp Forms
Question 2 – How would we run our project to a local network?
python3 manage.py runserver 0.0.0.0:8000
Task 3 – Unit 3 – Creating a website
Question 1 – Read the above
Done
Task 4 – Unit 4 – Concluding
Question 1 – Flag from GitHub page
THM{g1t_djang0_hUb}
Task 5 – Unit 5 – CTF
Question 1 – Admin panel flag?
wh1terose@fsociety:~/CTF/TryHackme/Introduction to Django$ ssh [email protected] [email protected]'s password: Welcome to Ubuntu 18.04 LTS (GNU/Linux 4.15.0-20-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage * Canonical Livepatch is available for installation. - Reduce system reboots and improve kernel security. Activate at: https://ubuntu.com/livepatch 625 packages can be updated. 347 updates are security updates. Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. django-admin@py:~$ ls messagebox django-admin@py:~$ cd messagebox/ django-admin@py:~/messagebox$ ls db.sqlite3 lmessages manage.py messagebox django-admin@py:~/messagebox$ cd messagebox/ django-admin@py:~/messagebox/messagebox$ ls home.html __init__.py __pycache__ settings.py urls.py views.py wsgi.py django-admin@py:~/messagebox/messagebox$ gedit settings.py Unable to init server: Could not connect: Connection refused (gedit:1784): Gtk-WARNING **: 18:43:51.334: cannot open display: django-admin@py:~/messagebox/messagebox$ nano settings.py django-admin@py:~/messagebox/messagebox$
django-admin@py:~/messagebox$ python3 manage.py createsuperuser Username (leave blank to use 'django-admin'): Email address: Password: Password (again): This password is too short. It must contain at least 8 characters. This password is too common. This password is entirely numeric. Bypass password validation and create user anyway? [y/N]: y Superuser created successfully.
THM{DjanGO_Adm1n}
Question 2 – User flag?
Username: StrangeFox Password: WildNature
THM{SSH_gUy_101}
Question 3 – Hidden flag?
django-admin@py:~/messagebox/messagebox$ ls home.html __init__.py __pycache__ settings.py urls.py views.py wsgi.py django-admin@py:~/messagebox/messagebox$ cat home.html {% extends 'base.html' %} {% block title %}Home page{% endblock %} {% block content %} <body bgcolor="#E6E6FA"> <h1><center>Message box v1.1</center></h1> <br> <center><p>Hi! Welcome back to your inbox. Seems like you got a new message!</p></center> <center><p>Check it out here:</p></center> <center><p><a href="/messages">Messages</a></p></center> <!-- Flag 3: THM{django_w1zzard} --> {% endblock %} django-admin@py:~/messagebox/messagebox$
THM{django_w1zzard}
Also Read: Tryhackme – Intro to Endpoint Security
So that was “Introduction to Django” for you. In this module, we learned about the python web framework, django and how we can start with backend development using it to create web applications. At last, we solves a series of questions which test out the concepts and syntax we have learned throughout the room. On that note, i will take your leave, till then “Keep developing”.