Recap of Last Lesson: We evaded a security control designed to prevent us from viewing the source code.
Natas Level 2
Objective
Find the password to log into level 3.
Intel Given
- URL: http://natas2.natas.labs.overthewire.org/
How to
We come into this challenge with very little to go off of. Following the basic steps we learned in the previous challenges, we should view the source code. Huh. No password there this time. In fact, there seems to be nothing. This is the part where we need to think like hackers. Often times, we are not looking for the answer. We are looking for something that will lead us closer to the answer. Do you see anything new on the page? I do.
There appears to be an image file. Lets check it out. Now, there is something important to note about that image. It is linked using a relative path. What this means is the location is specified relative to where we are now. The file-system on a website is not dissimilar to the file-system on your machine right now. so when we see:
<img src=”files/pixel.png”>
What we are looking at is:
http://natas2.natas.labs.overthewire.org/files/pixel.png
because we are currently looking at a file at:
http://natas2.natas.labs.overthewire.org/
So lets check it out.
Hmmm. Just seems to be a
stupid pixel. Lets think back again at that relative path. It is on the website, inside a folder called
files. I wonder if there is anything else in that folder. But how can we check? It’s actually pretty simple. Lets just
browse to it.
Well look at that. There is something there. What we are seeing is a directory index. Most websites will have directory indexing turned off. Lucky for us, this wasn’t the case. lets go check out that other
interesting file. And there we have it. Use the information to log into Natas3.
Conclusion
We covered the importance of paying attention to detail, as well as getting on an understanding of what a relative path is, as well as exploring a site with directory indexing enabled.