Natas Level 6
28 Sep 2015 • LeanderThis is a solution guide to the Natas6 Level at overthewire. This write-up was created on 5 March 2015.
First connect to the website
- http://natas6.natas.labs.overthewire.org
- Enter the following as the username natas6 and password aGoY4q2Dc6MgDq4oL4YtoKtyAg9PeHa1
Once again something new. We have an input field, a button to click, and a link which says view sourcecode. First let’s try hitting submit just to see what happens. Big surprise - wrong secret. So now let’s check the source code.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
<?php
include "includes/secret.inc";
if(array_key_exists("submit", $_POST)) {
if($secret == $_POST['secret']) {
print "Access granted. The password for natas7 is <censored>";
}
else {
print "Wrong secret";
}}
?>
<form method=post>
Input secret: <input name=secret><br>
<input type=submit name=submit>
</form>
It’s pretty simple source code, it essentially compares the value submitted in the text field to the contents in a file called secret.inc
. So let’s see if we can access that file located on line 2 to get the contents @ http://natas6.natas.labs.overthewire.org/includes/secret.inc
At this point we find the following:
So now we know our secret value. Return back to the main page and enter it into the text field and see what happens …
Access granted. The password is natas7:7z3hEENjQtflzgnT29q7wAvMNfZdh0i9
Bingo!