Fast Feed

Natas2 — Wargames solutions writeup

1 min read

Summary

  • The Natas2 Wargame requires users to gain the username and password for the next level, ‘natas3’
  • Users need to access the URL http://natas2.natas.labs.overthewire.org/, entering the username ‘natas2’ and a password (supplied from natas1).
  • Upon loading the page, users can view the source code, spotting the img tag leading to a black pixel image, as well as a hidden endpoint /files.
  • Visiting this endpoint reveals a directory listing vulnerability, providing access to files and directories.
  • Users can view the ‘users.txt’ file, containing a list of usernames and passwords, including the ‘natas3’ password, needed to progress to the next level.

By Adithya M S

Original Article