OverTheWire — Natas Level 5

Complete Walkthrough and explanation with images of natas level 5

  • after logging in, natas5:iX6IOfmpN7AYOQGPwtn3fXpbaJVJcHfq
  • we can see a message Access disallowed. You are not logged in
  • if we view the page source, we don’t get anything useful
  • So to solve this level, we should know what cookies are. Cookies are small pieces of data that store information about the user or computer for identification.
  • Now, we have to manipulate the cookie in such a way that we are logged in.

By using curl command:

  • curl is a tool to transfer data from or to a server
  • curl http://natas5.natas.labs.overthewire.org/ -u natas5 -c natas5_cookie.txt
  • -u as this requires authentication, we provide a user, when prompted, enter the natas5 level password
  • c is used to get the cookies on the website, and natas5_cookie.txt is the filename where the cookies will be stored
  • please read the man page for more man curl
  • after this, we get a file displaying the cookies
  • now we have to edit the file and changeloggedin to loggedin 1 (0 means false and 1 is true)
  • now we need to send this edited cookie file, curl http://natas5.natas.labs.overthewire.org/ -u natas5 -b natas5_cookie.txt"
  • here b is used to mention the cookie file name we modified
  • And we get the password!!
  • We can also do this by changing the cookie directly from the browser or by using some browser extension for cookie manipulation.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Hritesh J

Hritesh J is a student pursuing undergraduate studies in CS. Loves cybersecurity and playing ctfs and writing about them. “learning one new thing every day.”