Ashish Khairnar
Natas Level 6 -> Level 7

Skills: Local File Inclusion


Last updated 4 years ago


Let's log in:
Creds - natas7:7z3hEENjQtflzgnT29q7wAvMNfZdh0i9
URL - http://natas7.natas.labs.overthewire.org/

Upon login, we see the Home and About pages. Viewing the source reveals the "key" file location.

[Figure: Home Page after login]

Upon clicking "Home", we land on the following URL:

http://natas7.natas.labs.overthewire.org/index.php?page=home

Looking at the source code [CTRL + U], we see that the natas8 password is located in /etc/natas_webpass/natas8. We can try to include this file path in the URL and see if we get a response back with the natas8 password.

Local File Inclusion (LFI) -

http://natas7.natas.labs.overthewire.org/index.php?page=/etc/natas_webpass/natas8

[Figure: Invoking LFI vulnerability]

Visiting the above link gives us the password, as guessed. This is called a Local File Inclusion (LFI) vulnerability, where the attacker can access files outside the web application's home directories, which are typically located in "/var/www/html/" on Linux-based systems.
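
An absolute path in `page` being honoured, as seen above, is what happens when the parameter is used directly as the file path. The following is an added example, not the Natas source or code from this write-up: it reproduces that pattern against a constructed temporary directory and puts an allowlist plus `realpath()` containment check beside it. The function names, directory layout and placeholder secret are assumptions.

```php
<?php
// Constructed layout standing in for the web root and the password file.
$root = sys_get_temp_dir() . '/lfi_demo_' . getmypid();
@mkdir("$root/pages", 0700, true);
@mkdir("$root/secret", 0700, true);
file_put_contents("$root/pages/home", "this is the front page\n");
file_put_contents("$root/pages/about", "this is the about page\n");
file_put_contents("$root/secret/natas8", "CONSTRUCTED-PLACEHOLDER-SECRET\n");

// Vulnerable pattern (assumed): the parameter is the path. file_get_contents()
// stands in for include() so the demo reads the file instead of executing it.
function render_vulnerable(string $page): string
{
    return (string) @file_get_contents($page);
}

// Hardened pattern: allowlist the page names, then confirm the resolved file
// is still inside the pages directory before reading it.
function render_hardened(string $page, string $pagesDir): ?string
{
    if (!in_array($page, ['home', 'about'], true)) {
        return null;                       // not a page the site offers
    }
    $base = realpath($pagesDir);
    $path = realpath($pagesDir . '/' . $page);
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;                       // missing, or a symlink pointing outside
    }
    return file_get_contents($path);
}

chdir("$root/pages");                      // relative names such as "home" resolve here
foreach (['home', "$root/secret/natas8"] as $page) {
    printf("page=%s\n  vulnerable: %s  hardened:   %s\n", $page,
        render_vulnerable($page), render_hardened($page, "$root/pages") ?? "rejected\n");
}
```

Run with `php` on the command line: the vulnerable handler returns the placeholder secret for the absolute path, while the hardened one serves only `home` and `about`.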