Natas · OverTheWire

Natas Level 6 → Level 7

Level 6

Username : natas6
Password : aGoY4q2Dc6MgDq4oL4YtoKtyAg9PeHa1
URL : http://natas6.natas.labs.overthewire.org

Solution

To solve this level, we first log into the natas6 application using the credentials provided above.

7-10-2017 3-30-02 PM.png

We can see that the application provides a text box to enter a secret. Presumably, if the secret matches what the application expects, we should get our password for the next round.

7-10-2017 3-30-36 PM.png

Looking at the source code, we can see that the application checks the entered value against a secret obtained from the file ‘ includes/secret.inc ‘.  Therefore, if we can find out what that value is, we might be able to obtain the password for the next level.

Upon navigating to http://natas6.natas.labs.overthewire.org/includes/secret.inc, we can see that the application shows the password for the next level in a comment. We can now use that secret in the application and Voila!, the application prints the password for the next level.

7-10-2017 3-31-22 PM.png

7-10-2017 3-32-02 PM.png

Level 7

Username : natas7
Password : 7z3hEENjQtflzgnT29q7wAvMNfZdh0i9
URL : http://natas7.natas.labs.overthewire.org

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s