Hello everyone, I would like to share how I solved Nastas CTF also Here is the updated password, I hope this write-up will be helpful.
hello Folks!!! it’s a samxia99
My Bio link:-https://beacons.ai/samxia99
Greetings everyone! I’m excited to share with you how I was able to successfully conquer a CTF challenge. Through this write-up, I’ll provide a clear explanation of my techniques and strategies, and I’m confident that it will greatly benefit those who are interested in CTF challenges. So, sit back, relax, and let me take you on an informative journey.
Just a quick reminder that the game has been updated, so the password has also been changed. I hope this password is helpful!
Natas Level 19 → Level 20
- Here are the login details.
Username: natas20
URL: http://natas20.natas.labs.overthewire.org- After logging in we can see this page.
- Here we get a session warning so we might guess this level Session Handing type level. let’s view the source code.
- This source code contains important paragraphs that can help us understand the level better and provide hints.
- Here they talk about debug so let’s search debug in URL.
- Debug message indicates Session file doesn’t exist. However, reloading the page reads from the session file.
- I believe this is the initial configuration session followed by the reading session.
- Open Burp Suite and intercept the request.
- Identify the name header and send it to Repeater to make changes to the name parameter.
- We need to change the name parameter to name=%0Aadmin 1. This is a previously solved level. After making the change, click send one or two times until the password for natas21 appears.
- We can see Here we get the password to the natas21.
Pass:-89OWrTkGmiLZLv12JY4tLj2c4FW0xn56Hopefully, this write-up will be useful for everybody, I have tried to make it easy to read.
Next level:-https://medium.com/@samarthkokil64/overthewire-updated-natas-walkthrough-level-21-f39db932593f
Previous level:-https://medium.com/@samarthkokil64/overthewire-updated-natas-walkthrough-level-19-4c0d1236206c
PS:- THANKS FOR READING
