# Day 16 Learning Objectives * Complex neural network structures * How does a convolutional neural networks function? * Using neural networks for optical character recognition * Integrating neural networks into red team tooling This room is again a very straightforward one with all commands and instructions already given. We just need to follow along and run them. {% code overflow="wrap" %} ``` What key process of training a neural network is taken care of by using a CNN? Submit [REDACTED] This can be found in the reading section at the begining ``` {% endcode %} ``` What is the name of the process used in the CNN to extract the features? [REDACTED] This can be found in the reading section at the begining ``` ``` What is the name of the process used to reduce the features down? [REDACTED] This can be found in the reading section at the begining ``` ``` What off-the-shelf CNN did we use to train a CAPTCHA-cracking OCR model? [REDACTED] This can be found in the reading section at the begining ``` {% code overflow="wrap" %} ``` What is the password that McGreedy set on the HQ Admin portal? [REDACTED] This can be found once the CNN model has been exported and hosted. We then run the bruteforce.py program given. ``` {% endcode %} ``` cd ~/Desktop/bruteforcer && python3 bruteforce.py [-] Prediction probability too low, not submitting CAPTCHA [-] Invalid credential pair -- Username: admin Password: Spring2017 [-] Incorrect CAPTCHA value was supplied, we will resubmit this password [-] Invalid credential pair -- Username: admin Password: Spring2021 . . . [-] Invalid credential pair -- Username: admin Password: sysadmin [-] Invalid credential pair -- Username: admin Password: water [-] Invalid credential pair -- Username: admin Password: dirt [-] Invalid credential pair -- Username: admin Password: air [-] Invalid credential pair -- Username: admin Password: earth [+] Access Granted!! -- Username: [REDACTED] Password: [REDACTED] ``` {% code overflow="wrap" %} ``` What is the value of the flag that you receive when you successfully authenticate to the HQ Admin portal? [REDACTED] With the username and password found we just need to enter it into the site along with the CAPTCHA. This will give us the flag. ``` {% endcode %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://bunring.gitbook.io/ctf-writeups/try-hack-me/advent-of-cyber-2023/day-16.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.