Recommended reading:
- curl (basic stuff only)
Using the credentials discovered in the previous challenge, let's log in to this second one.
We head over to http://natas1.natas.labs.overthewire.org and again see a very simple webpage with nothing to interact with. The difference in this challenge is that we're told right-clicking has been blocked. This should be an obvious clue that they're trying to hide something in the source code.
Shortcuts come in handy in this challenge: you can press F12 or CTRL+U to take a look at the source code. Alternatively, if you couldn't use shortcuts either, you could use curl to get the page. Here's the command to do so:

    curl http://natas1:gtVrDuiDfck831PqWsLEZy5gyDz1clto@natas1.natas.labs.overthewire.org

So here's the super protected source code:

     1  <html>
     2  <head>
     3  <!-- This stuff in the header has nothing to do with the level -->
     4  <link rel="stylesheet" type="text/css" href="http://natas.labs.overthewire.org/css/level.css">
     5  <link rel="stylesheet" href="http://natas.labs.overthewire.org/css/jquery-ui.css" />
     6  <link rel="stylesheet" href="http://natas.labs.overthewire.org/css/wechall.css" />
     7  <script src="http://natas.labs.overthewire.org/js/jquery-1.9.1.js"></script>
     8  <script src="http://natas.labs.overthewire.org/js/jquery-ui.js"></script>
     9  <script src=http://natas.labs.overthewire.org/js/wechall-data.js></script><script src="http://natas.labs.overthewire.org/js/wechall.js"></script>
    10  <script>var wechallinfo = { "level": "natas1", "pass": "gtVrDuiDfck831PqWsLEZy5gyDz1clto" };</script></head>
    11  <body oncontextmenu="javascript:alert('right clicking has been blocked!');return false;">
    12  <h1>natas1</h1>
    13  <div id="content">
    14  You can find the password for the
    15  next level on this page, but rightclicking has been blocked!
    16
    17  <!--The password for natas2 is ZluruAthQk7Q2MqmDeTiUij2ZvWy2mBi -->
    18  </div>
    19  </body>
    20  </html>

And again, as simple as level 00, looking at line 17 gives us the credentials for level 02:
User: natas2
Password: ZluruAthQk7Q2MqmDeTiUij2ZvWy2mBi
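Again, a very simple level, but just as I mentioned in level 00, developers sometimes forget to remove comments that reveal sensitive information. Furthermore, spotting that right-clicking has been blocked should be a hint that they're trying to hide something in the source code. The block is only an oncontextmenu handler running in the browser, so it does nothing against keyboard shortcuts or a client like curl that never executes it.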
Never Settle,