OVERTHEWIRE NATAS level: 20 – 21 is quite different than all the other that we have completed. The code for this level is pretty hard to understand but took me a while but it’s done now.
The problem lies in php code and how it is handling user input with the help of keys. We need to submit key-value as admin here inorder to gain access to the next level.
The code for this level is here:
If you see closely, There is a key-value pair data and also the output comes from a file. So, what I need is to send the data in key value form. To do that I did this:
s %0A admin
It have me an error which is below:
The undefined offset error arises because the array is in key value pair and I just defined admin without a pair value. So If I use this:
which is test%0Aadmin%201 in URL encoding form, I get the admin passsword!
There you go, the password for the next level is shown!