Ashish Khairnar
Natas Level 3 -> Level 4

Skills - BurpSuite or proxy, HTTP Headers


Last updated 5 years ago


Username: natas4
Password: Z9tkRkWmpt9Qr7XrR5jWRkgOU901swEZ
Target URL: http://natas4.natas.labs.overthewire.org

Modified request - We change the Referer header. Also modify /index.php in the GET request, as that will likely throw an error too.

Once you forward the modified request, you will land on the homepage and get the flag.

Password - iX6IOfmpN7AYOQGPwtn3fXpbaJVJcHfq

Access is disallowed if you try to visit the site directly. It says to come from http://natas5.natas.labs.overthewire.org. If you directly visit http://natas5.natas.labs.overthewire.org with the "natas4" creds, it says unauthorized.

Viewing the page source reveals nothing. We need to think of accessing the target URL by visiting http://natas5.natas.labs.overthewire.org and somehow redirecting to the target URL.

For this, we need to start using a proxy (I have used BurpSuite Community Edition) -

Original request when "Refresh Page" is clicked - We see the "Referer" field being used, and it comes from the target URL itself, which is quite normal. But the homepage says that access to the homepage is allowed only through http://natas5.natas.labs.overthewire.org. Let's change Referer to "http://natas5.natas.labs.overthewire.org".
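
Why the modified request works, as an added example (not code from this write-up or from OverTheWire): a gate that compares the Referer header admits any client that sets that header, while a gate keyed on server-side session state does not. The function names, the `sid` cookie, the session store and the sample requests are assumptions constructed for illustration.

```python
# Added example; requests are constructed, names are hypothetical.
TRUSTED_REFERER = "http://natas5.natas.labs.overthewire.org"  # value from the write-up

def parse_request(raw):
    """Split a raw HTTP request (as a proxy displays it) into its parts."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    method, path, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, path, headers

def referer_gate(headers):
    """Weak: the decision rests on a header the client writes itself."""
    return headers.get("referer", "").rstrip("/") == TRUSTED_REFERER

def session_gate(headers, sessions):
    """Stronger: the decision rests on state the server stored at login."""
    pairs = (p.strip().partition("=") for p in headers.get("cookie", "").split(";"))
    sid = {k: v for k, _, v in pairs}.get("sid")
    return sessions.get(sid, {}).get("may_view_home", False)

def build(referer, cookie=None):
    """Constructed request for the natas4 host."""
    lines = ["GET / HTTP/1.1",
             "Host: natas4.natas.labs.overthewire.org",
             "Authorization: Basic <redacted>",
             f"Referer: {referer}"]
    if cookie:
        lines.append(f"Cookie: {cookie}")
    return "\r\n".join(lines) + "\r\n\r\n"

ORIGINAL = build("http://natas4.natas.labs.overthewire.org/")
MODIFIED = build(TRUSTED_REFERER)
SESSIONS = {"a1b2c3": {"may_view_home": True}}  # constructed server-side store

def decisions(raw, sessions=SESSIONS):
    """Return (referer_gate, session_gate) results for one raw request."""
    _, _, headers = parse_request(raw)
    return referer_gate(headers), session_gate(headers, sessions)

if __name__ == "__main__":
    for label, raw in (("original", ORIGINAL), ("modified", MODIFIED)):
        print(label, decisions(raw))
```

The Referer gate flips from deny to allow on a one-line header edit, which is why Referer is useful as a logging or CSRF-hardening signal but not as an authorization decision.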

http://natas5.natas.labs.overthewire.org
https://www.youtube.com/watch?v=YCCrVtvAu2I
[Screenshots: Initial Login; Original request; Modified Request]