Natas Pt.1
I decided that I want to work through the serverside web-security series. I will be updating as I do more of these with each post depending on how long the individual level takes me. Because we are at the beginning, I have the first 3 levels for you today.
Level Zero
You open with Level Zero showing this message. My first inclination was to check the page source.
As you can see, the password for Level One is in the comment on line 16. Enter that and I move on to Level One.
Level One
This is very similar to Level Zero. The only difference is you have to go to the developer tools under the top right of Google Chrome, which is what I am using. The password is quickly findable.
Level Two
This is the first level that I noticed things to get significantly harder.
The page tells you that there is nothing on it. I am a skeptic and began to examine the developer tools because I believed that there was probably an answer hidden within there. This was buoyed by the fact that there was a .png file that was 1×1 pixels large that I thought may have information if I could zoom in. However, accidentally clicking a file link showed that I was wrong and needed to instead go to ../overthewire.org/files. This was where the image I had seen as well as a users.txt file was available.
Once I entered this page, I opened users.txt and was able to find the password for the next page.
That’s all for me today. I am participating in the 2023 Cyber 9/12 competition in DC which is just under two weeks so I may not have an update until after then, but I will keep this up! I want to get to the end of this.