Skip to content

shivam-0806/over-the-wire-natas

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 

Repository files navigation

over-the-wire-natas

Did till natas7 b4 creating this repo
Starting from natas7

->Natas7
used concept of local file inclusion. open source code(ctrl+U) and hint is given that pwd is in /etc/.../natas8/. observe that url of home and about contains php part. from "https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion"
Typical proof-of-concept would be to load passwd file: http://vulnerable_host/preview.php?file=../../../../etc/passwd. so just put /etc../natas8 in url instead of about.

->Natas8
nothing in ctrl+U. going to "view sourcecode" will find php code. take the encodedSecret, convert it to ascii, reverse it, decode base64 and lesgoo!!

->Natas9
play around. type * and it gives the source code. tried ls -a. # verifies that it's working. | cat gives entire txt file. or just do http://natas9.natas.labs.overthewire.org/dictionary.txt (as proven by typing ls -a in search)
given at beginning of natas - all pwds are at /etc/natas_webpass/natasX. so type | cat /etc/natas_webpass/natas10.

->Natas10
search "" cat /etc/natas_webpass/natas11.

->Natas11
WTF. 3 things - key,cipher,plaintext - are reqd. in XOR encryption. to find key do XOR of cipher and plaintext. plaintext = {"showpassword":"no","bgcolor":"#ffffff"}. copy COOKIE, b64 decode it, XOR it using plaintext as key. key will be obtained as repeated pattern. now set showpwd to yes in plaintext and do reverse to find cookie. change value of cookie and reload page.

->Natas12
A malicious file such as a Unix shell script, a windows virus, an Excel file with a dangerous formula, or a reverse shell can be uploaded on the server in order to execute code by an administrator or webmaster later – on the victim’s machine.

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published