OverTheWire Natas Solution Level 1-10

After completing bandit I can not stop myself from playing NATAS. this is again beautiful game. so here we go.

Natas Level 0

Given :- 

Username: natas0 
Password: natas0 
URL: http://natas0.natas.labs.overthewire.org

After Login to this page  you will get this 

Simply viewing the source you will get the password for next level

Password for natas 1 is gtVrDuiDfck831PqWsLEZy5gyDz1clto

Natas Level 1

Given :

Username: natas1
URL:      http://natas1.natas.labs.overthewire.org


After logging Here it show's right click is disable, as I don't use mouse i just click CTRL+U  

It give us password.

key is :- ZluruAthQk7Q2MqmDeTiUij2ZvWy2mBi 

Natas Level 2


Username: natas2
URL:      http://natas2.natas.labs.overthewire.org


After logging here it says Nothing is here, Next step is to view Code. 

hmm here I found something suspicious in /files/pixel i just list the contain in /files 
User.txt gives us the password.
NATAS Level 3

Username: natas3
URL:      http://natas3.natas.labs.overthewire.org

After login here It Says nothing. 

After viewing Source code it shows Even google cant find This First thing Click on my mind is robot.txt and its a correct guess

here You will get the path to key 

And the Key is here
key :- Z9tkRkWmpt9Qr7XrR5jWRkgOU901swEZ


Username: natas4
URL:      http://natas4.natas.labs.overthewire.org

This level is fairly easy when you logged in with credential you will get this 
This clearly tells us to change the referrer to given url once you change the header you will get the key

key :-iX6IOfmpN7AYOQGPwtn3fXpbaJVJcHfq


Username: natas5
URL:      http://natas5.natas.labs.overthewire.org

In this level once you logged in with credential It Says you are not Logged in.
with little bit knowledge of webapp first thought came in mind is to check cookie and pointed it to right direction > ctrl+shift+i > alert(document.cookie) shows loggedin=0 simply changing this to 1 gives the key

key :- aGoY4q2Dc6MgDq4oL4YtoKtyAg9PeHa1

NATAS Level 6
Username: natas6
URL:      http://natas6.natas.labs.overthewire.org


As level is getting high game is becoming more and more interested After logging in it ask to enter secret and the option which says view source code i clicked on that i got clue.

Source code clearly state that Secret is in includes/secret.inc

Entering that secret will give us key for next Level

Key :- 7z3hEENjQtflzgnT29q7wAvMNfZdh0i9


Username: natas7
URL:      http://natas7.natas.labs.overthewire.org

This level also follow same pattern but with Directory trivial Logging shows nothing
Then Source Code Gives the path to files 
Navigating to path Gives us key to next Level

key :- DBfUBfqQG69KvJvJ1iAbMoIpwSNQ9bWe


Username: natas8
URL:      http://natas8.natas.labs.overthewire.org

From here they Start making game lil bit tough  After logging the ask to enter the Secret 
When we glance on code it shows that secret is getting encode using php script so next step is to decode the same using same function copying that code and changing encode to decode will give us secret 
And that secret give key to LEVEL 9 

Key is :- W0mMhUcRRnG8dcghE4qvk3JA9lGt8nDl

Natas 9

Username: natas9
URL:      http://natas9.natas.labs.overthewire.org

The Real game begin here first hard task start here. it ask for find word contain  

looking at the code what we understand that Linux command execute without any Sanity  so lets make out hands dirty by rce simply entering keyword; ls /etc/ gives /etc/natas_webpass/

Further cat /etc/natas_webpass/natas10 gives us the key for next level

Key :- nOpp1igQAkUzaI1GUUjzn1bFVj7xCNzu

Natas 10

Username: natas10
URL:      http://natas10.natas.labs.overthewire.org

This time they add some sanity but the way is also cool to solve this

Code shows that it will not allow & and ; but here we got that it use preg_match so lets try searching this .* /etc/natas_webpass/natas11 and hurry we get key

Here is the key

Key  :- U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK


Enough for today now will write remaining tomorrow....

Stay tuned


  1. thanks for your information really good and very nice web design company in velachery

  2. The article was up to the point and described the information very effectively. Thanks to blog author for wonderful and informative post.
    Security Solution Services Pakistan

  3. I like the helpful info you provide in your articles. I’ll bookmark your weblog and check again here regularly. I am quite sure I will learn much new stuff right here! Good luck for the next!
    Web Designing Training Institute in Chennai | web designing and development course | web design and programming courses


  4. Welcome! Exceptionally supportive counsel inside this article! It is the little changes that produce the biggest changes. Much obliged for sharing!
    tech news

  5. Such a great blog site: There's magic in your words. Whenever you write a blog, you grab the attention of your audience. Your efforts should be appreciated. Eligible citizens can fill the online visa application form Turkey to enter the country.

  6. Wow.. Very informative article thanks for sharing please keep it up.. After submitting the application and paying the fee for Indian visa, you can get a visa in a few days. India e visa cost depends on your visa type.

  7. Best post ever, I am looking for the same post. awesome work. Hey travelers I want to tell you what is Turkey e Visa? There is an online process to have Visa delivered vertically to your email as you apply from anywhere in the world. Using it you can travel to Turkish territory legally.

  8. Thanks for taking the time to talk about it; it's something I was very excited to know about. I just inform you that we provide mobile application development Across Industries like:- education, automotive, finance services, health and insurance and many more. By the use of the latest technology for the clients of B2B & B2C both.

  9. Great job on successfully solving levels 1-10 of OverTheWire Natas! Your determination and problem-solving skills are impressive. As you progress to higher levels, you may encounter more complex challenges. If you need assistance or additional support, consider contacting a reputable assignment writing service hong kong. They can provide expert guidance and help you excel in your cybersecurity journey. Keep up the excellent work, and best of luck as you explore Natas!

  10. Your blog is a testament to your unique skill. You seamlessly weave profound insights with eloquent storytelling, creating a captivating journey through a world of knowledge. Your ability to simplify complex ideas is highly impressive. Thanks for presenting this enlightening piece that deeply connects with your audience.

  11. "Embark on a seamless academic journey with our online coursework expert writers in Hong Kong. Online coursework expert Writer Hong Kong

  12. This blog post is a gem! It's packed with valuable insights presented in a visually appealing and user-friendly manner. The author's skillful blend of attractive visuals and clear, accessible language makes learning a delight. I'm truly impressed by the seamless delivery of complex concepts. Hats off to the creator for crafting such an engaging and informative resource.


Post a Comment