CyberHeroes THM Writeup
2026-1-10 08:5:41 Author: infosecwriteups.com

Death Esther


Introduction

CyberHeroes is a beginner-level TryHackMe room focused on breaking weak client-side authentication by inspecting exposed web logic. The goal is to find a way to log in using what the application itself reveals.

Room link: https://tryhackme.com/room/cyberheroes

Initial Reconnaissance

I started with a basic Nmap scan to understand what services were exposed on the target.

~$ nmap -sV 10.48.153.105

PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.4 (Ubuntu Linux; protocol 2.0)
80/tcp open http Apache httpd 2.4.48 ((Ubuntu))
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

There are two services running:

  • SSH on port 22
  • HTTP on port 80

Web Exploitation

Since port 80 was open, I navigated to it directly in the browser.


The landing page turned out to be a simple index page with three tabs, including an About section and a Login page.

The login page displayed a familiar challenge message inviting me to prove my hacking skills. With no credentials available upfront, I checked the page source and came across the following JavaScript block:


This is where everything clicked. The script validates the input by checking a hardcoded username and a reversed password string.

if (a.value=="h3ck3rBoi" & b.value==RevereString("54321@terceSrepuS"))

Reversing the string reveals the password as SuperSecret@12345. With that, the required credentials became clear.


  • Username: h3ck3rBoi
  • Password: SuperSecret@12345

Capturing the Flag

After logging in with the above credentials, the page returned the flag.


flag{edb0be532c540b1a150c3a7e85d2466e}

Conclusion

CyberHeroes was a short but clean room that reinforced a core lesson I keep coming back to: never ignore what the client side is doing. A simple look at exposed JavaScript was enough to break the authentication logic and reach the goal. No noise, no detours, just paying attention to what was already in plain sight.

Thanks for taking the time to read this walkthrough. If you found it useful and want more TryHackMe writeups like this, you can check out my GitHub repository here: TryHackMe walkthrough

More rooms, more notes, same hands-on approach.


Source: https://infosecwriteups.com/cyberheroes-thm-writeup-80985a5e9136?source=rss----7b722bfd1b8d---4