OverTheWire: Natas Write-up

The Natas wargame is all about server-side web security. In each challenge you are given a website with a particular vulnerability, which you have to exploit to obtain the password for the next level. This write-up will not post any of the passwords, out of respect for the wargame and future players.

Level 0

This simple website reads “You can find the password for the next level on this page.” Nothing is visible on the rendered page, so the first thing to check is the source code. There we find the password hiding in an HTML comment.

<!--The password for natas1 is gtVr****************************-->

Level 1

Right-click has been blocked on this site; however, we can still view the page’s source using a keyboard shortcut. In Chromium, this is Ctrl + U. In the source we see the password for level 2.

<!--The password for natas2 is Zlur****************************-->

Level 2

Looking at the source code, we see there is an image in the page, but it is very small and does not seem relevant. Its location, however, is.

It is served from the folder files/. Let’s navigate there and see what other files this folder lists.
http://natas2.natas.labs.overthewire.org/files/

Oh look, something else called users.txt
http://natas2.natas.labs.overthewire.org/files/users.txt

And inside we see our password.

natas3:sJIJ****************************

Level 3

In the source code we are given our first clue.

<!-- No more information leaks!! Not even Google will find it this time...-->

Google’s crawler honours a publicly readable file called robots.txt, which lists the paths a site does not want indexed. So perhaps we should look there.

http://natas3.natas.labs.overthewire.org/robots.txt

User-agent: *
Disallow: /s3cr3t/

Looks like the folder /s3cr3t/ is being hidden from Google. Since robots.txt is readable by anyone, it advertises the path rather than protecting it. Let’s navigate there.

We are greeted with a users.txt file and inside it is our password.

natas4:Z9tk****************************
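Levels 0 to 3 turn on two leaks this write-up walks through: secrets left in HTML comments and sensitive paths advertised by robots.txt. The following is an added example, not code from the original write-up, showing a small offline self-audit that flags both; the sample page, the secret value and the paths are constructed placeholders modelled on those levels.

```python
import re
from html.parser import HTMLParser

# Constructed sample page and robots.txt modelled on the Natas levels above.
# PLACEHOLDER_SECRET_VALUE stands in for a real password.
SAMPLE_HTML = """<html><body>
<h1>natas</h1>
<!--The password for natas1 is PLACEHOLDER_SECRET_VALUE-->
<img src="files/pixel.png" width="1" height="1">
<!-- No more information leaks!! -->
</body></html>"""

SAMPLE_ROBOTS = """User-agent: *
Disallow: /s3cr3t/   # constructed entry
Disallow: /files/
Allow: /public/
"""

# Words that suggest a comment carries a credential rather than a note to developers.
SECRET_WORDS = re.compile(r"password|passwd|secret|token|api[_-]?key", re.I)

class CommentCollector(HTMLParser):
    """Collect every HTML comment in a page; comments are sent to every visitor."""
    def __init__(self):
        super().__init__()
        self.comments = []
    def handle_comment(self, data):
        self.comments.append(data.strip())

def leaky_comments(page):
    """Return the comments that mention credential-like words."""
    parser = CommentCollector()
    parser.feed(page)
    return [c for c in parser.comments if SECRET_WORDS.search(c)]

def disallowed_paths(robots_txt):
    """Parse Disallow lines. Because robots.txt is public, each entry names a path
    that needs real access control, not obscurity."""
    paths = []
    for line in robots_txt.splitlines():
        line = line.split("#", 1)[0].strip()      # drop trailing comments
        if line.lower().startswith("disallow:"):
            value = line.split(":", 1)[1].strip()
            if value:                             # an empty Disallow blocks nothing
                paths.append(value)
    return paths

def audit(page, robots_txt):
    """Findings a pre-deployment check would report for this page and robots.txt."""
    findings = [f"comment leaks credential-like text: {c}" for c in leaky_comments(page)]
    findings += [f"robots.txt advertises path: {p}" for p in disallowed_paths(robots_txt)]
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_HTML, SAMPLE_ROBOTS):
        print(finding)
```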

Level 4

Coming soon
