OverTheWire Natas Solution Level 1-10

After completing bandit I can not stop myself from playing NATAS. this is again beautiful game. so here we go.

Natas Level 0

Given :- 

Username: natas0 
Password: natas0 
URL: http://natas0.natas.labs.overthewire.org

Solution 
After Login to this page  you will get this 


Simply viewing the source you will get the password for next level


Password for natas 1 is gtVrDuiDfck831PqWsLEZy5gyDz1clto


Natas Level 1

Given :

Username: natas1
URL:      http://natas1.natas.labs.overthewire.org


Solution 

After logging Here it show's right click is disable, as I don't use mouse i just click CTRL+U  


It give us password.


key is :- ZluruAthQk7Q2MqmDeTiUij2ZvWy2mBi 

Natas Level 2

Given 

Username: natas2
URL:      http://natas2.natas.labs.overthewire.org

Solution

After logging here it says Nothing is here, Next step is to view Code. 


hmm here I found something suspicious in /files/pixel i just list the contain in /files 
 
User.txt gives us the password.
 
NATAS Level 3

Given 
Username: natas3
URL:      http://natas3.natas.labs.overthewire.org

Solution
After login here It Says nothing. 

After viewing Source code it shows Even google cant find This First thing Click on my mind is robot.txt and its a correct guess


here You will get the path to key 




And the Key is here
key :- Z9tkRkWmpt9Qr7XrR5jWRkgOU901swEZ

NATAS 4

Given 
Username: natas4
URL:      http://natas4.natas.labs.overthewire.org

This level is fairly easy when you logged in with credential you will get this 
 
This clearly tells us to change the referrer to given url once you change the header you will get the key


key :-iX6IOfmpN7AYOQGPwtn3fXpbaJVJcHfq


NATAS 5

Given 
Username: natas5
URL:      http://natas5.natas.labs.overthewire.org

In this level once you logged in with credential It Says you are not Logged in.
 
with little bit knowledge of webapp first thought came in mind is to check cookie and pointed it to right direction > ctrl+shift+i > alert(document.cookie) shows loggedin=0 simply changing this to 1 gives the key

key :- aGoY4q2Dc6MgDq4oL4YtoKtyAg9PeHa1

NATAS Level 6
Given 
Username: natas6
URL:      http://natas6.natas.labs.overthewire.org

Solution

As level is getting high game is becoming more and more interested After logging in it ask to enter secret and the option which says view source code i clicked on that i got clue.



Source code clearly state that Secret is in includes/secret.inc

Entering that secret will give us key for next Level


Key :- 7z3hEENjQtflzgnT29q7wAvMNfZdh0i9

NATAS LEVEL 7

Given 
Username: natas7
URL:      http://natas7.natas.labs.overthewire.org

Solution
This level also follow same pattern but with Directory trivial Logging shows nothing
 
Then Source Code Gives the path to files 
Navigating to path Gives us key to next Level


key :- DBfUBfqQG69KvJvJ1iAbMoIpwSNQ9bWe

NATAS 8

Given 
Username: natas8
URL:      http://natas8.natas.labs.overthewire.org

Solution
From here they Start making game lil bit tough  After logging the ask to enter the Secret 
When we glance on code it shows that secret is getting encode using php script so next step is to decode the same using same function copying that code and changing encode to decode will give us secret 
  
And that secret give key to LEVEL 9 

Key is :- W0mMhUcRRnG8dcghE4qvk3JA9lGt8nDl

Natas 9

Given 
Username: natas9
URL:      http://natas9.natas.labs.overthewire.org

Solutions 
The Real game begin here first hard task start here. it ask for find word contain  

looking at the code what we understand that Linux command execute without any Sanity  so lets make out hands dirty by rce simply entering keyword; ls /etc/ gives /etc/natas_webpass/



Further cat /etc/natas_webpass/natas10 gives us the key for next level



Key :- nOpp1igQAkUzaI1GUUjzn1bFVj7xCNzu

Natas 10

Given 
Username: natas10
URL:      http://natas10.natas.labs.overthewire.org

This time they add some sanity but the way is also cool to solve this


Code shows that it will not allow & and ; but here we got that it use preg_match so lets try searching this .* /etc/natas_webpass/natas11 and hurry we get key

Here is the key


Key  :- U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK

Cheers

Enough for today now will write remaining tomorrow....

Stay tuned



Comments



  1. thanks for your information really good and very nice web design company in velachery

    ReplyDelete
  2. The article was up to the point and described the information very effectively. Thanks to blog author for wonderful and informative post.
    Security Solution Services Pakistan

    ReplyDelete
  3. I like the helpful info you provide in your articles. I’ll bookmark your weblog and check again here regularly. I am quite sure I will learn much new stuff right here! Good luck for the next!
    Web Designing Training Institute in Chennai | web designing and development course | web design and programming courses

    ReplyDelete

  4. Welcome! Exceptionally supportive counsel inside this article! It is the little changes that produce the biggest changes. Much obliged for sharing!
    tech news

    ReplyDelete
  5. Such a great blog site: There's magic in your words. Whenever you write a blog, you grab the attention of your audience. Your efforts should be appreciated. Eligible citizens can fill the online visa application form Turkey to enter the country.

    ReplyDelete
  6. Wow.. Very informative article thanks for sharing please keep it up.. After submitting the application and paying the fee for Indian visa, you can get a visa in a few days. India e visa cost depends on your visa type.

    ReplyDelete
  7. Best post ever, I am looking for the same post. awesome work. Hey travelers I want to tell you what is Turkey e Visa? There is an online process to have Visa delivered vertically to your email as you apply from anywhere in the world. Using it you can travel to Turkish territory legally.

    ReplyDelete
  8. Thanks for taking the time to talk about it; it's something I was very excited to know about. I just inform you that we provide mobile application development Across Industries like:- education, automotive, finance services, health and insurance and many more. By the use of the latest technology for the clients of B2B & B2C both.

    ReplyDelete
  9. Great job on successfully solving levels 1-10 of OverTheWire Natas! Your determination and problem-solving skills are impressive. As you progress to higher levels, you may encounter more complex challenges. If you need assistance or additional support, consider contacting a reputable assignment writing service hong kong. They can provide expert guidance and help you excel in your cybersecurity journey. Keep up the excellent work, and best of luck as you explore Natas!

    ReplyDelete
  10. Your blog is a testament to your unique skill. You seamlessly weave profound insights with eloquent storytelling, creating a captivating journey through a world of knowledge. Your ability to simplify complex ideas is highly impressive. Thanks for presenting this enlightening piece that deeply connects with your audience.

    ReplyDelete
  11. "Embark on a seamless academic journey with our online coursework expert writers in Hong Kong. Online coursework expert Writer Hong Kong

    ReplyDelete

Post a Comment