[OverTheWire] Natas – Level 03
http://natas3.natas.labs.overthewire.org/
There is nothing on this page
Xem source:
[html]
<html>
<head>
<!– This stuff in the header has nothing to do with the level –>
<link rel="stylesheet" type="text/css" href="http://natas.labs.overthewire.org/css/level.css">
<link rel="stylesheet" href="http://natas.labs.overthewire.org/css/jquery-ui.css" />
<link rel="stylesheet" href="http://natas.labs.overthewire.org/css/wechall.css" />
<script src="http://natas.labs.overthewire.org/js/jquery-1.9.1.js"></script>
<script src="http://natas.labs.overthewire.org/js/jquery-ui.js"></script>
<script src=http://natas.labs.overthewire.org/js/wechall-data.js></script><script src="http://natas.labs.overthewire.org/js/wechall.js"></script>
<script>var wechallinfo = { "level": "natas3", "pass": "sJIJNW6ucpu6HPZ1ZAchaDtwd7oGrD14" };</script></head>
<body>
<h1>natas3</h1>
<div id="content">
There is nothing on this page
<!– No more information leaks!! Not even Google will find it this time… –>
</div>
</body></html>
[/html]
Dòng nói đến Google là một gợi ý về file robots.txt. Truy cập:
User-agent: * Disallow: /s3cr3t/
Truy cập:
Index of /s3cr3t [ICO] Name Last modified Size Description [DIR] Parent Directory - [TXT] users.txt 12-Jul-2013 13:35 40 Apache/2.2.22 (Ubuntu) Server at natas3.natas.labs.overthewire.org Port 80
Mở file users.txt:
natas4:Z9tkRkWmpt9Qr7XrR5jWRkgOU901swEZ
→ flag = Z9tkRkWmpt9Qr7XrR5jWRkgOU901swEZ.
![[OverTheWire] Natas – Level 19](https://ctf.yeuchimse.com/wp-content/themes/hueman/assets/front/img/thumb-medium-empty.png)
Recent comments