Posts

Showing posts from January, 2024

Natas Level 15 Writeup: Blind SQLi

1. Objective
Find the password for natas level 16.
URL: http://natas15.natas.labs.overthewire.org

2. Introduction
After opening the webpage, we see a search form. The website allows us to search for users and responds with either "This user doesn't exist" or "This user exists" depending on whether the user was found.

user natas16

3. Exploration
Clicking on the View source code link, we are able to view the logic of the server-side code. The following code snippets show that the provided username is searched for in the database and the corresponding result is returned:

    $query = "SELECT * from users where username=\"".$_REQUEST["username"]."\"";

    if(mysqli_num_rows($res) > 0) {
        echo "This user exists.";
    } else {
        echo "This user doesn't exist.";
    }

Ju...

Natas Level 14 Writeup: SQL Injection

1. Objective
Find the password for natas level 15.
URL: http://natas14.natas.labs.overthewire.org

2. Introduction
After opening the webpage, we see a login form. We need to get the correct credentials or somehow bypass the login page in order to proceed to the next level.

3. Exploration
Clicking on the View sourcecode link, we are able to view the logic of the server-side code. The following code snippet is used to query the database to check if the username and password are valid:

    $query = "SELECT * from users where username=\"".$_REQUEST["username"]."\" and password=\"".$_REQUEST["password"]."\"";

However, we immediately notice that the input is not being sanitized and is being used directly in the query via string concatenation. This shows us that there is potential for SQL injection.

SQL injection is a cyber attack that exploits vulne...

Natas Level 13 Writeup: File Upload Vulnerability 2

1. Objective
Find the password for natas level 13.

2. Introduction
The first thing we see is a form that gives us the ability to upload 'JPEG' images. Unlike the previous level, we get a message informing us that they will only be accepting image files. This hints at the fact that measures have been put in place to prevent us from uploading PHP files. Let's see if these measures are sufficient.

3. Exploration
Let's use the 'View source code' button to check what clues we can find there. The process that takes place on the server:
- A file name is generated before the page is served to the user
- The filename is stored in a hidden field called filename
- When a user uploads a file, the server checks if the filename field is present
- It prepares for the file to be saved in the upload folder
- Check if the size of the file is greater than 1000 bytes
- Reject the fil...

Natas Level 12 Writeup: File Upload Vulnerability

1. Objective
Find the password for natas level 13.

2. Introduction
The first thing we see is a form that gives us the ability to upload 'JPEG' images. If proper checks have not been put in place to validate the uploaded file, it is highly likely that we may have a File Upload Vulnerability. A File Upload Vulnerability is a security issue that arises when proper checks are not implemented to validate uploaded files. In this level, we explore the possibility of exploiting such a vulnerability.

3. Exploration
Let's use the 'View source code' button to check what clues we can find there. The process that takes place on the server:
- A file name is generated before the page is served to the user
- The filename is stored in a hidden field called filename
- When a user uploads a file, the server checks if the filename field is present
- It prepares for the file to be saved in the ...

Natas Level 11 Writeup: XOR Encryption

1. Objective
Find the password for natas level 12.

2. Introduction
When we open the webpage for Natas 11, we are greeted with the following message: Cookies are protected with XOR encryption.

What is XOR: XOR is a binary operation that returns true (1) only when the number of true inputs is odd. It compares corresponding bits of two binary numbers, resulting in 1 for differing bits and 0 for identical bits.

Example: Let's consider two binary numbers, A = 1010 and B = 1101.

      1010
    X 1101
    -------
      0111

In this case, A XOR B equals 0111 in binary, or 7 in decimal.

XOR Property: If A XOR B = C, then A XOR C = B.

Verification: Let A = 1010, C = 0111, and find B.

      1010
    X 0111
    -------
      1101

The result is 1101 in binary, which is B. So, A XOR C equals B, confirming the XOR property. This property holds true for any combination of A, B, and C, demonstrating that given any two values, you can find the third using XOR.

3. Exploration
Ch...

Natas Level 10 Writeup: Command Injection 2

URL: http://natas10.natas.labs.overthewire.org

1. Objective
Find the password for natas 11

2. Method
- Open the Website: Visit the provided URL in your browser.
- Check the Source Code:
- Bypassing the Filter: Use command substitution $(command) to bypass the filter. Enter the search term a $(find /etc/natas_webpass -name natas11 2>/dev/null) .
- Explore the Output: Examine the output, revealing files like index-source.html .
- Find t...