OverTheWire - Natas - Level 3 → Level 4

Warning: This post contains a solution!

Only continue if:
1.) you want to see a possible alternative solution or
2.) you are stuck and need a hint!


Login using given credentials.

Username: natas4
Password: Z9tkRkWmpt9Qr7XrR5jWRkgOU901swEZ
URL:      http://natas4.natas.labs.overthewire.org

The message on the page is:

Access disallowed. You are visiting from "" while authorized users should come only from "http://natas5.natas.labs.overthewire.org/"

After clicking "Refresh page" on the site, the message changes to:

Access disallowed. You are visiting from "http://natas4.natas.labs.overthewire.org/" while authorized users should come only from "http://natas5.natas.labs.overthewire.org/"

This means that the page checks the value of the "Referer" header and wants it to be "http://natas5.natas.labs.overthewire.org/". Any tool that allows editing HTTP header values can set it.
I'm using Burp and add the following to the request headers:

...
Referer: http://natas5.natas.labs.overthewire.org/
...

Result is:

Access granted. The password for natas5 is iX6IOfmpN7AYOQGPwtn3fXpbaJVJcHfq
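
The check the messages above imply, written out as an added example beside a stronger one (this is not the challenge's source code, which the post does not show). The function names, the `X-Session-Token` header and the user name are assumptions made for illustration:

```python
import hashlib
import hmac
import secrets

# Constructed for this example; the real server's code is not shown in the post.
TRUSTED_REFERER = "http://natas5.natas.labs.overthewire.org/"
SERVER_KEY = secrets.token_bytes(32)  # secret that never leaves the server


def referer_gate(headers):
    """Weak check: the decision rests only on a header the client writes itself."""
    referer = headers.get("Referer", "")
    if referer == TRUSTED_REFERER:
        return True, "Access granted."
    return False, (
        f'Access disallowed. You are visiting from "{referer}" while authorized '
        f'users should come only from "{TRUSTED_REFERER}"'
    )


def _sign(user):
    return hmac.new(SERVER_KEY, user.encode(), hashlib.sha256).hexdigest()


def issue_token(user):
    """Called by the server only after it has authenticated `user`."""
    return f"{user}.{_sign(user)}"


def token_gate(headers, allowed_users):
    """Stronger check: access follows from a value the client cannot forge."""
    user, _, mac = headers.get("X-Session-Token", "").rpartition(".")
    # Compare as bytes so a non-ASCII header value cannot raise TypeError.
    valid = hmac.compare_digest(mac.encode(), _sign(user).encode())
    return valid and user in allowed_users


if __name__ == "__main__":
    print(referer_gate({})[1])                                # first message in the post
    print(referer_gate({"Referer": TRUSTED_REFERER})[1])      # header alone decides
    forged = {"Referer": TRUSTED_REFERER, "X-Session-Token": "natas5." + "0" * 64}
    print(token_gate(forged, {"natas5"}))                     # False: MAC does not verify
    print(token_gate({"X-Session-Token": issue_token("natas5")}, {"natas5"}))  # True
```

The Referer value is useful as a logging or analytics signal, but an authorization decision needs something bound to a server-side secret or session.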