After completing bandit I can not stop myself from playing NATAS. this is again beautiful game. so here we go.
Natas Level 0
Given :-
Username: natas0
Password: natas0
URL: http://natas0.natas.labs.overthewire.org
Solution
After Login to this page you will get this
Simply viewing the source you will get the password for next level
Password for natas 1 is gtVrDuiDfck831PqWsLEZy5gyDz1clto
Natas Level 1
Given :
Username: natas1
URL: http://natas1.natas.labs.overthewire.org
Solution
After logging Here it show's right click is disable, as I don't use mouse i just click CTRL+U
It give us password.
key is :- ZluruAthQk7Q2MqmDeTiUij2ZvWy2mBi
Natas Level 2
Given
Username: natas2
URL: http://natas2.natas.labs.overthewire.org
Solution
After logging here it says Nothing is here, Next step is to view Code.
hmm here I found something suspicious in /files/pixel i just list the contain in /files
User.txt gives us the password.
NATAS Level 3
Given
Username: natas3
URL: http://natas3.natas.labs.overthewire.org
SolutionAfter login here It Says nothing.
After viewing Source code it shows Even google cant find This First thing Click on my mind is robot.txt and its a correct guess
here You will get the path to key
And the Key is here
key :- Z9tkRkWmpt9Qr7XrR5jWRkgOU901swEZ
NATAS 4
Given
NATAS 4
Given
Username: natas4
URL: http://natas4.natas.labs.overthewire.org
This level is fairly easy when you logged in with credential you will get this
This clearly tells us to change the referrer to given url once you change the header you will get the key
key :-iX6IOfmpN7AYOQGPwtn3fXpbaJVJcHfq
NATAS 5
Given
Given
Username: natas5
URL: http://natas5.natas.labs.overthewire.org
In this level once you logged in with credential It Says you are not Logged in.
with little bit knowledge of webapp first thought came in mind is to check cookie and pointed it to right direction > ctrl+shift+i > alert(document.cookie) shows loggedin=0 simply changing this to 1 gives the key
key :- aGoY4q2Dc6MgDq4oL4YtoKtyAg9PeHa1
Source code clearly state that Secret is in includes/secret.inc
Entering that secret will give us key for next Level
Key :- 7z3hEENjQtflzgnT29q7wAvMNfZdh0i9
NATAS LEVEL 7
Navigating to path Gives us key to next Level
key :- DBfUBfqQG69KvJvJ1iAbMoIpwSNQ9bWe
key :- aGoY4q2Dc6MgDq4oL4YtoKtyAg9PeHa1
NATAS Level 6
Given
Given
Username: natas6
URL: http://natas6.natas.labs.overthewire.org
Solution
As level is getting high game is becoming more and more interested After logging in it ask to enter secret and the option which says view source code i clicked on that i got clue.
Source code clearly state that Secret is in includes/secret.inc
Entering that secret will give us key for next Level
Key :- 7z3hEENjQtflzgnT29q7wAvMNfZdh0i9
NATAS LEVEL 7
Given
Username: natas7
URL: http://natas7.natas.labs.overthewire.org
Solution
This level also follow same pattern but with Directory trivial Logging shows nothing
Then Source Code Gives the path to files
key :- DBfUBfqQG69KvJvJ1iAbMoIpwSNQ9bWe
NATAS 8
Given
Given
Username: natas8
URL: http://natas8.natas.labs.overthewire.org
Solution
From here they Start making game lil bit tough After logging the ask to enter the Secret
When we glance on code it shows that secret is getting encode using php script so next step is to decode the same using same function copying that code and changing encode to decode will give us secret
And that secret give key to LEVEL 9
Key is :- W0mMhUcRRnG8dcghE4qvk3JA9lGt8nDl
Natas 9
Given
Username: natas9
URL: http://natas9.natas.labs.overthewire.org
Solutions
The Real game begin here first hard task start here. it ask for find word contain 
looking at the code what we understand that Linux command execute without any Sanity so lets make out hands dirty by rce simply entering keyword; ls /etc/ gives /etc/natas_webpass/
Further cat /etc/natas_webpass/natas10 gives us the key for next level
Key :- nOpp1igQAkUzaI1GUUjzn1bFVj7xCNzu
Here is the key
Key :- U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK
Cheers
Enough for today now will write remaining tomorrow....
Stay tuned
looking at the code what we understand that Linux command execute without any Sanity so lets make out hands dirty by rce simply entering keyword; ls /etc/ gives /etc/natas_webpass/
Further cat /etc/natas_webpass/natas10 gives us the key for next level
Key :- nOpp1igQAkUzaI1GUUjzn1bFVj7xCNzu
Natas 10
Given
Username: natas10
URL: http://natas10.natas.labs.overthewire.org
This time they add some sanity but the way is also cool to solve this
Code shows that it will not allow & and ; but here we got that it use preg_match so lets try searching this .* /etc/natas_webpass/natas11 and hurry we get key
Key :- U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK
Cheers
Enough for today now will write remaining tomorrow....
Stay tuned
The article is so informative. This is more helpful for our
ReplyDeleteBest online software testing training course institute in chennai with placement
Best selenium testing online course training in chennai
Learn best software testing online certification course class in chennai with placement
Thanks for sharing.
ReplyDeletethanks for your information really good and very nice web design company in velachery
The article was up to the point and described the information very effectively. Thanks to blog author for wonderful and informative post.
ReplyDeleteSecurity Solution Services Pakistan
I like the helpful info you provide in your articles. I’ll bookmark your weblog and check again here regularly. I am quite sure I will learn much new stuff right here! Good luck for the next!
ReplyDeleteWeb Designing Training Institute in Chennai | web designing and development course | web design and programming courses
Mua vé máy bay tại Aivivu, tham khảo
ReplyDeleteLịch bay từ Hàn Quốc về Việt Nam hôm nay
mua vé máy bay pleiku đi sài gòn
vé máy bay sg hn
lịch bay hà nội đà lạt
chuyến bay thẳng từ mỹ về việt nam
ReplyDeleteWelcome! Exceptionally supportive counsel inside this article! It is the little changes that produce the biggest changes. Much obliged for sharing!
tech news
Such a great blog site: There's magic in your words. Whenever you write a blog, you grab the attention of your audience. Your efforts should be appreciated. Eligible citizens can fill the online visa application form Turkey to enter the country.
ReplyDeleteThis is a wonderful inspiring article. I am practically satisfied with your great work. You have really put together extremely helpful data. Keep it up.. kenya multiple entry visa, a multiple visa for Kenya is for individuals who need to enter the country multiple times for business or medical reasons.
ReplyDeleteWow.. Very informative article thanks for sharing please keep it up.. After submitting the application and paying the fee for Indian visa, you can get a visa in a few days. India e visa cost depends on your visa type.
ReplyDeleteThanks for your great article which is both informative and innovative: with the latest updates. It was highly invaluable. Travelers can apply Indian tourist visa for US citizens directly for e-visas online. Therefore, the Indian government has developed an easy-to-use online Indian visa application form that makes it easy to apply for a visa.
ReplyDeleteBest post ever, I am looking for the same post. awesome work. Hey travelers I want to tell you what is Turkey e Visa? There is an online process to have Visa delivered vertically to your email as you apply from anywhere in the world. Using it you can travel to Turkish territory legally.
ReplyDeleteThanks for taking the time to talk about it; it's something I was very excited to know about. I just inform you that we provide mobile application development Across Industries like:- education, automotive, finance services, health and insurance and many more. By the use of the latest technology for the clients of B2B & B2C both.
ReplyDeleteGreat job on successfully solving levels 1-10 of OverTheWire Natas! Your determination and problem-solving skills are impressive. As you progress to higher levels, you may encounter more complex challenges. If you need assistance or additional support, consider contacting a reputable assignment writing service hong kong. They can provide expert guidance and help you excel in your cybersecurity journey. Keep up the excellent work, and best of luck as you explore Natas!
ReplyDelete