[WEB] Cartographer

At first I had no idea how to go about this challenge, but the hints here definitely helped. That login bypass was weirdly easy; I couldn’t believe it worked.

ikuamike

@fleitner said:

…, I’m sure there is a way to actually use the session obtained from the login to brute force / wordlist that word. Could someone pm me how this would be done if the word would not be so obvious?

I would also like to know what sort of directory enumeration can be performed in the situation. Would you need a custom script? Or is there a tool that already has this functionality?

Just try something …

OR ‘try something else’

I have to say. I tried brute-forcing my way through, running dirb, and now I feel so dumb after reading through what everyone said… Even as a newbie I should have gotten that. It’s the easiest trick in the book.

Got it, couldn’t believe how easy it was to get in. After I’d read through the comments and done some of my own research, it finally clicked in my head. As stated in some of these comments, it’s the most common way of login bypass and it is extremely simple. I bashed my head and then punched the air after I got in.

@sumOne said:

@fleitner said:

…, I’m sure there is a way to actually use the session obtained from the login to brute force / wordlist that word. Could someone pm me how this would be done if the word would not be so obvious?

I would also like to know what sort of directory enumeration can be performed in the situation. Would you need a custom script? Or is there a tool that already has this functionality?

I found that the dictionary in Burp Sniper → Simple list → short words could work in this instance. You could also use CeWL to generate a wordlist from HTB and it would grab the word from this website.

Finally completed this challenge. If you need any help, feel free to ask.

hahahaha this made me laugh :smiley:

smashes head against desk
That was super simple and I totally overthought it.

You don’t need bruteforcing, @alemorbel! The best hint in this thread is not to overthink it. Literally. Just… don’t. Use one of the most obvious techniques to bypass login (google-fu!). Nothing automated needed here.

PM me if you still need help! :slight_smile:

This made me bash my head against a wall… I was overthinking it so hard.
Always try the most simple thing you can think of.

Remember, think of this like a CTF not a real world scenario

Just completed this. Hints on here were very useful for the second part - which is a bit of informed guesswork. Found the other hints about bypassing the login not so helpful.

“The most basic way to bypass a web form” is pretty subjective when you are new to this. It is what I would consider a bona fide technique / method. E.g. brute forcing, or something else…

I can’t start the docker, I always receive an error, do you receive the same error? Thanks in advance!

Hint: after bypassing the login, go for the place that you are looking for, literally!

nice challenge :slight_smile:

Tip on people already f*****g this box and not getting it: it’s not in “common” wordlists you’re probably trying, because this is a CTF machine and not real world-- it’s not there. But you’re on the right track.

Definitely overthought this one once I was in there. LOL!

@Agent22 said:

@typing said:
"Cartographer Is Still Under Construction! " True or just some tricks on the link?

Are you searching flag ? :wink:

hahaha wow that was quite the nudge!

bang! banging bang! my bang! head bang! against bang! a bang! wall.

It was that simple