[WEB] Cartographer

135

Comments

  • The flag is the flag. Don't overthink.

  • "Cartographer Is Still Under Construction!" idk what means

    sckull

  • i have been stuck on this for hours now. bruteforcing for directories does not help. how do bypass login

  • Got this today thanks to some hints here. Careful, one of them is misleading.
    This challenge is a 2 part TEXTBOOK example of the exploit. Great job.

    As people have said, get you practice in with basic ways to bypass that login.

    Good luck!

  • @CrossHeart963 i sent you a pm. still stuck on this. i cant get pass the login page. using dirb and parameter fuzzing

  • @AviShabat said:

    @svabo said:
    Hi All, am about to throw this laptop through the window :expressionless:
    kinda new to CTF stuff and have tried numerous things to no avail.
    Tried dirb index.php?user/page={wordlist}, tried the obvious ...php?auth=1 etc. Tried force browsing directories.
    Im sure its either staring me in the face or im on the wrong path.
    Anyone willing to pm me some hints (not solutions) would be much appreciated.
    Cheers

    the obvious?
    you haven't tried the complete obvious.
    what is the thing you are looking for?

    Just solved this. Now laughing at myself.

  • I did it in a matter of minutes and it felt quite underwhelming 8-)

    Elio

  • @zealsham said:
    @CrossHeart963 i sent you a pm. still stuck on this. i cant get pass the login page. using dirb and parameter fuzzing

    You're overthinking it. As you can read from other suggestions, bypassing is the key. What is the most obvious login bypass technique out there? Yes, that one. Use it. Once in, focus on what you're looking for, the flag, and you'll find it.

  • Honestly really overthought it.. But it was easy to have one sql tool running.

  • Hi, I've found username and password values but when I log in it says: Cartographer Is Still Under Construction!

    Any hint on how to continue? I'm a little bit lost...

  • edited August 2018

    Hi support (hehehe)

    I found the session hash and a couple of php pages (one is *****.php and the other a long,long name about not being there), the status dir is also known (without permissions), I tried several fuzzy changes (logical and not so logical), sqli (full cheatsheet) and even bruteforce... I noticed that only one php injects you a cookie and now im triying to use that cookie into another path... Without success...

    I owned a couple of servers and this is my second challenge and before step-by-step i was able to accomplish, but this is driving me nuts.

    Sorry if there is something wrong with my comment, its my first day

  • I feel like a dummy because I can't seem to figure this out. I don't think I have even bypassed the login, did find one .php-file url of interest but that's about it. Anyone want to PM me and give me a nod in the right direction, I feel very lost here and people here say it's supposed to be quite simple? :P

  • It's very simple, and yes it makes you feel like shit when everyone is saying it's simple and you can't get around it.

    Feel free to pm me, I'll try making some riddles :)

  • already completed free to PM me

  • took me 2 minutes to get this one

  • @Afolic said:
    okay easy way out, after bypassing the login, think of what you are looking for in the page then try playing with the url

    @Afolic said:
    okay easy way out, after bypassing the login, think of what you are looking for in the page then try playing with the url

    Awesome hint

    Hack The Box

  • I feel frustrated after solving this :anguished:

  • Hello,

    Just to make sure while making any attempts on the login screen i get this error on the response
    Database Error: No such file or directory

    Is this an expected behavior of this challenge?

  • I've been getting database errors as well on this machine :( Cannot solve it.

  • It's a bug. Stop and relaunch your Docker and hope that this is resolved

  • @bosscy said:
    Hello,

    Just to make sure while making any attempts on the login screen i get this error on the response
    Database Error: No such file or directory

    Is this an expected behavior of this challenge?

    Me too!

    Deleite

  • @backspace said:
    It's a bug. Stop and relaunch your Docker and hope that this is resolved

    I've tried several times and I only get that error.

    Deleite

  • @Fuitad said:
    I've been getting database errors as well on this machine :( Cannot solve it.

    Hey, it's not a bug, that happens if you have hackerbox's VPN connected.

    Deleite

  • Hahahaha after this i changed my common.txt

  • What is the most obvious login bypass technique out there? What is the most obvious login bypass technique out there? What is the most obvious login bypass technique out there? What is the most obvious login bypass technique out there?
    This question is more frustrating than the problem itself.

  • Please someone PM me. I tried for 3 hours. I am out of ideas. Don't know user and pass. And no, I do not know what the most obvious bypass technique is.

  • Hi, guys. Its great to have a community here. So far I have cracked this cartographer challenge already this morning. The key was just a lucky guess for me. I'm happy that I found. But still, it doesn't satisfy me much. Is there anything else instead of lucky guess after bypassing the login page to find the flag.

  • At first I was confused when saw that Under Construction page...
    but after read that it's quite easy i did a thing that is easiest one and bingo!

  • Ok, after checking here I was able to 'guess' the correct word to find the flag. Now I feel rather stupid for not doing the obvious first.

    However, I'm sure there is a way to actually use the session obtained from the login to brute force / wordlist that word. Could someone pm me how this would be done if the word would not be so obvious?

    fleitner
    Starting out...

  • At first I had no idea how to go about this challenge but the hints here definitely helped. That login bypass was weirdly easy I couldn't believe it worked.

    ikuamike

    ikuamike

Sign In to comment.