-
Notifications
You must be signed in to change notification settings - Fork 0
/
Natas
80 lines (55 loc) · 2.59 KB
/
Natas
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
natas0:
natas0:
# natas1:
gtVrDuiDfck831PqWsLEZy5gyDz1clto
# natas2:
ZluruAthQk7Q2MqmDeTiUij2ZvWy2mBi
# natas3:
sJIJNW6ucpu6HPZ1ZAchaDtwd7oGrD14
###additional info i got during the game###
username:password
alice:BYNdCesZqW
bob:jw2ueICLvT
charlie:G5vCxkVV3m
eve:zo4mJWyNj2
mallory:9urtcpzBmH
### end ####
# natas4:
Natas3 has the same text as natas2, “There is nothing on this page” but that’s not entirely true. There’s a hint in the source code:
< !-- No more information leaks!! Not even Google will find it this time... -- >
I still didn’t get it, so I went over to ircs.overthewire.org #waregames and asked the HintBot for a hint. It replayed with “Hint(50): natas3: think like a search engine”. So I then looked up How web search engines work, there it say “The site owner can exclude specific pages by using robots.txt.”. Ok, so let us check if this file exists http://natas3.natas.labs.overthewire.org/robots.txt.
User-agent: *
Disallow: /s3cr3t/
This mean that all user-agents should not find “/s3cr3t/” in a search, well let see what’s inside this folder then. http://natas3.natas.labs.overthewire.org/s3cr3t/. There’s a “user.txt” and the content of this file is:
The password for natas4 is:
Z9tkRkWmpt9Qr7XrR5jWRkgOU901swEZ
# natas5
here we see
Access disallowed. You are visiting from "" while authorized users should come only from "http://natas5.natas.labs.overthewire.org/"
on refreshing we see
Access disallowed. You are visiting from "http://natas4.natas.labs.overthewire.org" while authorized users should come only from "http://natas5.natas.labs.overthewire.org/"
edit the header response and add
[Referer: http://natas5.natas.labs.overthewire.org/]
this gives us the password: iX6IOfmpN7AYOQGPwtn3fXpbaJVJcHfq
# natas6
the page greets us with a message "Acess dissallowed, you are not logged in ".
this hints us to check the cookies
there we'll find loggedin and its value =0
change it to 1 and you will get the password
the password is: aGoY4q2Dc6MgDq4oL4YtoKtyAg9PeHa1
# natas7
here you'll be asked to input a secret phrase, which might confuse you because you have none.
so we check the source code of the page
in the php code we see that include/secret.inc is included, so we go and check the page where we find the secret phrase.
<?
$secret = "FOEIUWGHFEEUHOFUOIU";
?>
the password is: 7z3hEENjQtflzgnT29q7wAvMNfZdh0i9
# natas8
the password is: DBfUBfqQG69KvJvJ1iAbMoIpwSNQ9bWe
# natas9
the password is: W0mMhUcRRnG8dcghE4qvk3JA9lGt8nDl
# natas10
the password is: nOpp1igQAkUzaI1GUUjzn1bFVj7xCNzu
# natas11
the password is: U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK