Another day, another challenge…
In today’s blog post we’re going t solve level 6 in the Natas wargame.
Going to the following link and entering the username of “natas6” and password of “iX6IOfmpN7AYOQGPwtn3fXpbaJVJcHfq” we see the following:
Doing a right click, view source we see:
Hmm… there’s not much in here, except there’s a view sourcecode. Let’s see what this source code will yield us…
Looking at the middle of the page, we see that there’s php code (code between <?…?>), we notice that there’s an include/secret.inc. Let’s see if we can access this file and see what’s inside the file.
Changing the URL to “natas6.natas.labs.overthewire.org/includes/secret.inc” we see:
… a blank page. Let’s do a right click, view page source to see if there are nuggets hidden beneath the surface.
Doing a right click, view page source we see the following:
Hmm… looks like we find the secret.
Let’s enter this into the input box and see if this unlocks the level.
Entering the secret above into the input box we get:
We found the flag!