Anonhack

"If Nobody sees it, it didn't Happen"

Overthewire Natas: Walkthrough Series Levels 1 – 4

Overthewire natas

We have already completed overthewire bandit series. Now, we will be going forward and looking at Overthewire Natas walkthroughs, The Natas are based on the Web security. It starts from basic level.

link: natas.labs.overthewire.org

Start here:

Username: natas0
Password: natas0
URL:      http://natas0.natas.labs.overthewire.org

Level 0 – 1 :

Login to natas0 with above credentials.

The level is pretty easy. The hint says that the password in this page.

Overthewire natas 3

This level teaches you to always look at the source of the page. The source of the page contains a lot of information about the site itself. So Right click and Click on View Source.

Overthewire natas 5
Overthewire natas 6There you go, The password for the for natas1 is right there in the source.

Level 1 – 2

Login in natas1 with the password we found above.

Overthewire natas 7 The hint for this page says that the right click on the page has been blocked. When you do the right click a prompt is generated stating that the right click is disabled.
Mostly Javascript controls the events on the page. So an event like a right click is disabled because of Javascript. There are many ways to get rid of this problem:

  1. You can disable javascript by going to the settings of the browser.
  2. You can install a plugin called Web Developer. It contains different tools. You can directly go to Tools > View source code from there. Or you can also disable javascript using that plugin in the Disable tab.

 

Overthewire natas 8

There is the password in the source.

Overthewire natas 9
Level 2 – 3:

Login in natas2  with the password obtained above.

The hint says “there’s nothing on this page”. So We go to the source we grab some hints.

Overthewire natas 9In the source, there is a src location, that might be interesting. Since the hint says that there is nothing on the page we are on, then that might be the page that contains the password.

Overthewire natas 97
Overthewire natas 11

Overthewire natas 22

Users.txt seems like the file which might have user details.
Overthewire natas 0
Overthewire natas 1Overthewire natas 34

There you go the password for the Natas3 level.

Level 3 – 4:

Login with above password. The source code of this page says: “There is nothing on this page”.
In the comments below: It says “Not even Google will find it this time”.

So It’s time to look Google it.

 

Overthewire natas 9

So I google “google natas3”.  Google has indexed s3cr3t directory.

Overthewire natas 2

So I went to that directory and found a file users.txt.

Overthewire natasThere you go, the password for the natas4.

Overthewire natas 34

This series will continue in the next post. Once the post is done I will be posting the links here.

Overthewire Natas Level 4 – 7

#hacking #challenges (3) admin (3) Blind SQL Injection (4) Burpsuite (3) c (4) challenges (3) C language (19) C program (6) c program code (5) C programming language (5) C programs (3) ctf (3) dirb (2) google hacking (4) hacker (5) hacking (23) hacking information gathering (11) Hacking with python (7) Hacking with python series (7) hackthebox (3) how to hide your ip address (2) information gathering (9) information gathering methods (9) kali (3) linux (4) Metasploit (3) Natas (9) natas overthewire (3) natas walkthrough (3) Natas walkthrough overthewire (3) netcat (3) network enumeration (2) nmap (5) overthewire (20) over the wire bandit (3) Overthewire natas (13) overthewire natas walkthrough (9) overthewire walkthrough (5) privilege escalation (4) python (6) shell (4) shell scripting (4) sql (3) sqli (3) SQL Injection (11) ssh (6) vulnhub (4) walkthrough (11)

Jo

, ,
, , , , , , , , , , , , , ,

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.