# Introduction to Django Framework

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983502030/4e115f95-1565-4c39-8836-2489dbee86cd.jpeg)

I recently picked up the basics of flask and have been wanting to learn Django. Here's my go @ it with the help of [TryHackMe](https://tryhackme.com/room/django)! Django is a high-level Python web framework that enables the rapid development of secure and maintainable websites. It allows you to develop websites and web applications in a matter of hours.

Django can automatically compile HTML code, therefore making it possible for anyone without any advanced knowledge in markup languages to develop a website. Additionally, Django is arguably one of the most secure developing frameworks, which in the right configuration, can strongly resist SQL injections and XSS.

In terms of penetration testing, it's critical to grasp the basic structure of Django-powered websites in order to spot potential flaws and developer errors.

[All Source Files](https://github.com/ItsNee/DjangoExampleTemplate.git)

* * *

Getting Started
---------------

Here's how to get started with Django on your local machine!

### Installing Django

    ┌──(root💀4pfsec)-[~/boxes/thm/django]
    └─# pip3 install Django==2.2.12

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983503291/c7d1823e-a66d-4dd0-bec1-0e0adad10f52.png)

### Creating new Project

    ┌──(root💀4pfsec)-[~/boxes/thm/django]
    └─# django-admin startproject site_4pfsec

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983504427/1f14c37e-54ea-418b-b182-2a59e6912ea8.png)

### Configure created Project

`manage.py` is a command-line utility that lets you interact with your Django project in various ways. It is especially handy in creating web apps, managing databases, and most importantly running the server.

    ┌──(root💀4pfsec)-[~/boxes/thm/django/site_4pfsec]
    └─# ls
    manage.py  site_4pfsec
    
    ┌──(root💀4pfsec)-[~/boxes/thm/django/site_4pfsec]
    └─# python3 manage.py migrate

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983505454/d7435461-eaef-4876-abea-83a17bf58b24.png)

    ┌──(root💀4pfsec)-[~/boxes/thm/django/site_4pfsec]
    └─# ls
    db.sqlite3  manage.py  site_4pfsec

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983506608/c45f4bb0-28dd-4c15-b894-6cb61bd978d0.png)

### Run Django Server

The basic syntax for using this utility is `python3 manage.py {command}`

**Modify Bind Host**

Modify line 28. Add `0.0.0.0` and `127.0.0.1`  
`~/django/site_4pfsec/site_4pfsec/settings.py`

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983507634/cbec273f-097e-4dc6-8efd-fbe8955bb3b8.png)

**runserver**

Runserver is the most important command used with manage.py. It allows you to deploy your website on the server. Django has a wonderful feature that allows you to instantly see changes made on the website without restarting it. (It is only necessary to restart runserver command when adding a new app).

    ┌──(root💀4pfsec)-[~/boxes/thm/django/site_4pfsec]
    └─# python3 manage.py runserver 0.0.0.0:8000 

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983509005/c030c7fa-5bc2-4216-9f8f-5baa7621279c.png)

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983510075/94ebda9c-d30a-47e4-85a5-f12a6ce8379d.png)

**createsuperuser**

This command allows you to create an admin account for your Django web admin panel.

    ┌──(root💀4pfsec)-[~/boxes/thm/django/site_4pfsec]
    └─# python3 manage.py createsuperuser

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983511168/4edaf6f1-092e-4d39-978a-5230d93fdbfb.png)

**Django Admin Panel**

`0.0.0.0:8000/admin`  
This URL can be used to access Django web admin panel.

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983512164/eb655524-cb1e-459a-9d4a-2f645003b536.png)

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983513189/277a92ae-c7af-417f-afc7-0662ec7434be.png)

**startapp**

Startapp allows you to initialize an app for your project. Django projects can have an infinite number of apps.

    ┌──(root💀4pfsec)-[~/boxes/thm/django/site_4pfsec]
    └─# python3 manage.py startapp slatt

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983514219/617a6b75-d6d9-4cda-8753-629258f7b57c.png)

* * *

Creating a Site
---------------

let's go ahead and create a very simple app.

### Modify settings.py

    INSTALLED_APPS = [
        'slatt',
        'django.contrib.admin',
        'django.contrib.auth',
        'django.contrib.contenttypes',
        'django.contrib.sessions',
        'django.contrib.messages',
        'django.contrib.staticfiles',
    ]

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983515233/93fb7889-7be4-4cef-a6d6-14b6a480afeb.png)

### Modify urls.py

    from django.contrib import admin
    from django.urls import path, include
    
    urlpatterns = [
            path('slatt/', include('slatt.urls')),
        path('admin/', admin.site.urls),
    ]

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983516397/bc614962-ff0a-437a-9860-687831927cb9.png)

### App Directory

There are a couple files that need to be created in here for the app to work!

**urls.py**

    from django.urls import path
    from . import views
    
    app_name = 'slatt'
    urlpatterns = [
    	path('', views.index, name='index'),
    ]

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983517685/8765fc2d-2667-43b5-b7e8-7faa78a8f5ef.png)

**views.py**

    from django.shortcuts import render
    from django.http import HttpResponse
    
    # Create your views here.
    def index(request):
        return HttpResponse("Hello, World!")

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983518693/a53be809-fd9c-4580-8465-54732c9b3365.png)

**Running App**

    ┌──(root💀4pfsec)-[~/boxes/thm/django/site_4pfsec]
    └─# python3 manage.py migrate
    
    ┌──(root💀4pfsec)-[~/boxes/thm/django/site_4pfsec]
    └─# python3 manage.py runserver 0.0.0.0:8000

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983519753/e5320dff-95f4-4ddb-bbe0-14c2642e56c0.png)

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983520768/e43bf022-34dd-4a40-a6df-212af7c170ba.png)

### Rendering Templates with Django

Django is able to automatically generate HTML markdown if properly told so. Templates are the ones who help us with that.

**Templates**

Create a template subdirectory in the app directory to hold all of our templates.

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983521548/6a6f1a4f-5471-44cc-abe0-bfb2207b81e4.png)

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983522372/b173ec63-9f9b-426b-973f-fad48959feb5.png)

**Base.html**

    <!DOCTYPE html>
    <html lang='en'>
    <head>
    	<meta charset="UTF-8">
    	<title>{% block title %}Slatt{% endblock %}</title>
    	
    </head>
    <body>
    	
    		{% block content %} {% endblock %}
    		
    </body>
    </html>

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983524206/9cbc4121-d37f-43a2-b0c4-1ee83caadf02.png)

**index.html**

    {% extends 'base.html'%}
    
    {% block content %}
    
    Hello world!
    -Nee!
    
    {% endblock %}

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983525247/46676e95-63eb-4313-936c-75b6b52af339.png)

**views.py**

    from django.shortcuts import render
    from django.http import HttpResponse
    
    # Create your views here.
    def index(request):
        return render(request, 'index.html')

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983526312/f8d682c2-be91-4470-b83a-41cea7fbaf3d.png)

**Running App**

    ┌──(root💀4pfsec)-[~/boxes/thm/django/site_4pfsec]
    └─# python3 manage.py migrate
    
    ┌──(root💀4pfsec)-[~/boxes/thm/django/site_4pfsec]
    └─# python3 manage.py runserver 0.0.0.0:8000

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983527368/f937243f-250d-4aee-9277-fce534d9d568.png)

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983528427/419d66e0-0861-4bac-8372-9e85528a0d41.png)

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983529851/0d87df32-76df-4ea9-9b2e-ae2a99edcd44.png)

* * *

CTF
---

`Target host = 10.10.131.20`  
`Target Port = 8000`  
`Target Username = django-admin`  
`Target Password = roottoor1212`

Browsing to the host on that port returned a disallowed error as shown below.

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983531165/fcad41b9-e2d6-4a3a-b3a8-f5a3c1dc5f7b.png)

I was able to log in to the server via SSH with the given credentials.

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983532316/ce9f139f-b678-44be-8610-9ac5145be5cf.png)

Since I had access to the server, I modified the `ALLOWED_HOSTS` list in `settings.py`

    django-admin@py:~/messagebox/messagebox$ nano settings.py

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983533469/63338715-efb4-4935-a61b-479a18b66ee3.png)

That modification led me into the application as shown below.

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983534476/9eac9d84-641c-489c-9b13-511ee359d219.png)

Exploring messages returned the following.

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983536201/1ea0b46d-9e93-4c2f-b1fd-94d1b896c47a.png)

> Admin panel flag?

Since I had access to the server, I used the createsuperuser command to create my own user to be able to login to the Admin panel.

    django-admin@py:~/messagebox$ python3 manage.py createsuperuser

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983537435/fb328a4d-00f7-461c-baaa-acdd21d47be9.png)

`http://10.10.131.20:8000/admin/`

With that, I was able to login to the admin panel as shown below.

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983538512/0898df9a-30cf-4563-8d79-3fbe8efe9153.png)

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983539795/0e965300-76ff-42de-b53d-697728587ab8.png)

Browsing to [`http://10.10.131.20:8000/admin/auth/user/`](http://10.10.131.20:8000/admin/auth/user/) reveals the flag and some other interesting information as shown below!

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983541040/f2f89b6c-cf32-4f30-84b3-8efeacfe702d.png)

> User flag?

The previous challenge gave us a new username and a password hash.

    Username: StrangeFox	
    Password hash: https://pastebin.com/nmK---

Using [`https://toolz.4pfsec.com/hashId/`](https://toolz.4pfsec.com/hashId/) I was able to detect the hash as shown below.

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983542388/088af3de-72ef-4903-80a0-0245c09bf63b.png)

`SHA-256 [Hashcat Mode: 1400]`

Since I knew it was a `SHA-256` hash, I used `hashcat mode 1400` to go ahead and crack it.

    .\hashcat.exe -m 1400 .\hashes\djangoCtf.txt .\wordlists\mylist.txt --force

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983543511/7daa789a-108c-4cf8-ac14-a9edb3d7f418.png)

`c06029563b2765020613f5bf79fc528344ffa039ef1483d0c390786d8010c630:WildNature`  
`Target User = StrangeFox`  
`Target User's Password = WildNature`

Knowing the credentials, I switched to that user.

    su StrangeFox
    WildNature

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983544671/49373955-d5f7-407b-a286-807ccabc0b77.png)

> Hidden flag?

Knowing that the flag would be on the machine, I grep-ed recursively throughout the FS to find the flag. (as shown below)

    StrangeFox@py:/$ cd /
    StrangeFox@py:/$ grep -Hr "THM{"

![Introduction to Django Framework](https://cdn.hashnode.com/res/hashnode/image/upload/v1680983545864/4f8a6bc3-4763-454c-83df-aa665e0863a8.png)

* * *

Conclusion
----------

With that, this room has successfully taught me the basics of Django and how to use it against devs! Hope it helped you in some way 😏!

* * *
