…, I’m sure there is a way to actually use the session obtained from the login to brute force / wordlist that word. Could someone PM me how this would be done if the word were not so obvious?
I would also like to know what sort of directory enumeration can be performed in the situation. Would you need a custom script, or is there a tool that already has this functionality?
I found that the dictionary in Burp Sniper → Simple list → short words could work in this instance. You could also use CeWL to generate a wordlist from HTB and it would grab the word from this website.
You don’t need bruteforcing, @alemorbel! The best hint in this thread is not to overthink it. Literally. Just… don’t. Use one of the most obvious techniques to bypass login (Google-fu!). Nothing automated needed here.
Just completed this. Hints on here were very useful for the second part - which is a bit of informed guesswork. Found the other hints about bypassing the login not so helpful.
“The most basic way to bypass a web form” is pretty subjective when you are new to this. It is what I would consider a bona fide technique / method. E.g. brute forcing, or something else…
Tip on people already f*****g this box and not getting it: it’s not in “common” wordlists you’re probably trying, because this is a CTF machine and not real world -- it’s not there. But you’re on the right track.
So, question and hopefully not a spoiler; but why didn’t webpage enumeration tools like dirb and dirbuster produce results that would have helped sufficiently? I got the flag, so I don’t need hints to find it - just trying to understand the challenge better.