[WEB] Cartographer

@Boakill said:
@H1LNDR, after bypassing the log in you need to figure out where else you can go. Your currently HOME. Go somewhere else.

LITERALLY, just completed it there, haha, thanks <3

Still stuck on this, I got the username/password but after fuzzing the ■■■■ out of the url, I still can’t find the keyword to use to go somewhere other than HOME.

@meni0n @Boakill has given a great clue!

Can’t get trough the panel

@Boakill said:
@H1LNDR, after bypassing the log in you need to figure out where else you can go. Your currently HOME. Go somewhere else.

how to it. when the fuzzing techniques you use send back no found

@emkac said:

@Boakill said:
@H1LNDR, after bypassing the log in you need to figure out where else you can go. Your currently HOME. Go somewhere else.

how to it. when the fuzzing techniques you use send back no found

Your overthinking it. The answer is simple, but insanely frustrating. Think about what you are looking for on the box. Try going there.

@MackyNous said:
Can’t get trough the panel

What is the easiest type of web login bypass? Try it

@meni0n said:
Still stuck on this, I got the username/password but after fuzzing the ■■■■ out of the url, I still can’t find the keyword to use to go somewhere other than HOME.

Check my answer to emkac 2 spaces up.

You will punch yourself in the face once you figure it out. N30C0UNT nailed it.

@N30C0UNT said:
Your overthinking it. The answer is simple, but insanely frustrating. Think about what you are looking for on the box. Try going there.

Got it a while ago… :wink: It was right on the pole in front of me…

not getting :frowning: anyone pls help me

@Agent22 said:

@typing said:
"Cartographer Is Still Under Construction! " True or just some tricks on the link?

Are you searching flag ? :wink:

HAHAHA!! FOUND YOUR FLAG???

/Nopes

Spidey I sent you a PM

This has got to be the easiest one out there. This took 2 mins. It all depends on what you know about bypassing logins and “using” urls.

Ok, so I passed the first half pretty easily and then I used a calculated guess to pass the second half(no tools used).
was I suppoused to use a tool?
If so which?

You will love the challenge once you get the flag. It certainly requires CTF mentality. If stuck use this website , you’ll get what you need.

Hack The Box

Hi All, am about to throw this laptop through the window :expressionless:
kinda new to CTF stuff and have tried numerous things to no avail.
Tried dirb index.php?user/page={wordlist}, tried the obvious …php?auth=1 etc. Tried force browsing directories.
Im sure its either staring me in the face or im on the wrong path.
Anyone willing to pm me some hints (not solutions) would be much appreciated.
Cheers

@svabo said:
Hi All, am about to throw this laptop through the window :expressionless:
kinda new to CTF stuff and have tried numerous things to no avail.
Tried dirb index.php?user/page={wordlist}, tried the obvious …php?auth=1 etc. Tried force browsing directories.
Im sure its either staring me in the face or im on the wrong path.
Anyone willing to pm me some hints (not solutions) would be much appreciated.
Cheers

the obvious?
you haven’t tried the complete obvious.
what is the thing you are looking for?

I got that the complete obvious is to navigate directly to somepagetoguess.php. Is this correct? I just need to guess the page? thank you very much.