hacking, owasp, web application security

OverTheWire: Natas Level 7 – #appsec #webapp #websecurity #wargames

Another day, another challenge…

In today’s blog post we will solve level 7 from the Natas wargame challenge.

Let’s begin.

Going to the following link, and entering username “natas7” and password “7z3hEENjQtflzgnT29q7wAvMNfZdh0i9” we see the following:

Natas7_WarGame_1

Natas7_WarGame_2

Hmm… we see a Home and About links. Let’s click the links and see what happens.

Natas7_WarGame_3

Natas7_WarGame_4

After clicking the links we see there’s not much that’s showing on the screen.

Let’s view the source and see if there are any hints there.

Doing a right click, view page source we see:

Natas7_WarGame_5

Hmm… we see a comment that says, “password for webuser natas8 is in /etc/natas_webpass/natas8”

How can we use this information?

Looking at the above screenshots of Home and About – we notice that at the end of the URL it’s referencing a page. For instance for the home page it’s “page=Home” and for About it’s “page=About”. Let’s try to change the page name to the hint that was provided to us.

Changing the URL to: http://natas7.natas.labs.overthewire.org/index.php?page=/etc/natas_webpass/natas8, we see…

Natas7_WarGame_6

the flag!