BB

technology and craziness.

BB

technology and craziness.

OverTheWire - Natas - Level 3 → Level 4

Warning: This post contains a solution!
Only continue if:
1.) you want to see a possible alternative solution or
2.) you are stuck and need a hint!

Login using given credentials.

URL: http://natas4.natas.labs.overthewire.org
Username: natas4
Password: Z9tkxxxxxxxxxxxxxxxxxxxxxxxxxxxx

The message on the page is:

Access disallowed. You are visiting from "" while authorized users should come only from “http://natas5.natas.labs.overthewire.org/"

After clicking “Refresh page” on the site, the message changes to:

Access disallowed. You are visiting from “http://natas4.natas.labs.overthewire.org/" while authorized users should come only from “http://natas5.natas.labs.overthewire.org/"

This means, that the page checks the “Referer”-Header value and want’s it to be “http://natas5.natas.labs.overthewire.org/" . This can be done using any tool that allows editing the HTTP-Header values.
I’m using Burp and add following to the Request-Header:

1
2
3
...
Referer: http://natas5.natas.labs.overthewire.org/
...

Result is:

Access granted. The password for natas5 is iX6Ixxxxxxxxxxxxxxxxxxxxxxxxxxxx