Advertisements

OVERTHEWIRE NATAS SERIES: 24 – 25 LEVEL Walkthrough

Overthewire Natas 25 Level is based on strcmp() function vulnerability. Generally, strcmp() is used to compare two strings together, We need to generate some kind of error here so we can obtain the password for the next level. The code for the level is here: So, I tried a lot of ways to generate error

Advertisements
Advertisements
Advertisements
Advertisements
Advertisements
Advertisements

OVERTHEWIRE NATAS SERIES: 17 – 18 LEVEL Walkthrough

OVERTHEWIRE NATAS level 17-18 is about blind sql injection. To make the level more complicated, the output hasn’t been displayed. Let’s dive in the level: If you look at the code below. It is a simple code which takes the username and check for its existence in the table users. but No output display! This

Advertisements

OVERTHEWIRE NATAS SERIES: 16 – 17 LEVEL Walkthrough

The walkthrough for the last level is available on this link: http://www.anonhack.in/2018/09/overthewire-natas-series-15-16-level-walkthrough/ This level is little bit similar to the last level. Here we have to perform a command injection. Let’s have a look at the source code of this level: See the highlighted text in the code above. $key variable is the one carrying our

Advertisements

OVERTHEWIRE NATAS SERIES: 15 – 16 LEVEL Walkthrough

If you want to see the level 14- 15, follow this link: http://www.anonhack.in/2018/09/overthewire-natas-series-14-15-levels/ Level 15-16 is also based on SQL injection but here we have to work on boolean based SQL injection technique. Let me how you how: This is what the screen looks like: I put “natas16” as the user here and it turns out

%d bloggers like this: