Hello everyone, I would like to share how I solved the Natas CTF. Here is the updated password as well; I hope this write-up will be helpful.
Hello folks! It's samxia99.
My bio link: https://beacons.ai/samxia99
Greetings everyone! I’m excited to share with you how I was able to successfully conquer a CTF challenge. Through this write-up, I’ll provide a clear explanation of my techniques and strategies, and I’m confident that it will greatly benefit those who are interested in CTF challenges. So, sit back, relax, and let me take you on an informative journey.
Just a quick reminder that the game has been updated, so the password has also been changed. I hope this password is helpful!
Natas Level 8 → Level 9
- Here are the login details.
Username: natas9
URL: http://natas9.natas.labs.overthewire.org
- After logging in we can see this page.
- We have solved this type of challenge before, where we needed to find a word and submit it, but at this level the $key is null, so we need to find the key. Here is the past hint, and our key is in dictionary.txt.
The passthru function executes any system command passed to it.
- At this level we can use command injection with a semicolon (;). The semicolon is used to run two commands one after the other. For example, if you use ls ; cd Downloads, the first command (ls) is executed, and after that cd Downloads.
- Let us enter ; ls ; as the search word: this shows which files are at this level. By using ; ls -a ; we can also find all hidden files.
- To find the password at this level, we can look in the file where passwords are normally stored in OTW: /etc/natas_webpass/natas10. Let's use this command:
; ls /etc/natas_webpass/natas10
- We can now confirm that this file exists, so we can use cat to see what it holds.
; cat /etc/natas_webpass/natas10
- This command also shows the contents of dictionary.txt, because the same command also cats dictionary.txt. If we don't want this extra output to show up, we can add a ; at the end.
; cat /etc/natas_webpass/natas10;
Pass:-D44EcsFkLxPIkAAKLosx8z3hxX1Z4MCE
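The root cause of this level seen from the fixing side, as an added example (not the level's source and not the author's code): input interpolated into a passthru shell string, next to two corrected forms. The function names, the grep options `-F` and `--`, and the sample word list are assumptions made for illustration.

```php
<?php
// Added example, not the level's source. Assumed from the write-up: the
// submitted word ends up in $key and is searched for in dictionary.txt.

// Vulnerable pattern: $key is pasted into a shell command line, so shell
// metacharacters in it (; | & ...) end the grep and start other commands.
function search_vulnerable(string $key): void
{
    passthru("grep -i $key dictionary.txt");
}

// Fix 1: keep grep, but pass the input as one quoted argument.
// "--" stops input starting with "-" from being read as an option;
// -F (an added choice) matches it as a fixed string instead of a regex.
function search_escaped(string $key): void
{
    passthru('grep -i -F -- ' . escapeshellarg($key) . ' dictionary.txt');
}

// Fix 2 (preferred): no shell at all, do the search in PHP.
function search_native(string $key, string $path): array
{
    $hits = [];
    $words = file($path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) ?: [];
    foreach ($words as $word) {
        if (stripos($word, $key) !== false) {
            $hits[] = $word;
        }
    }
    return $hits;
}

// Constructed sample word list so the script runs offline (php example.php).
$dict = tempnam(sys_get_temp_dir(), 'dict');
file_put_contents($dict, "apple\nbanana\ncherry\n");

// A normal search word, then one containing shell metacharacters: the
// second is only ever compared as text, so it simply matches nothing.
foreach (['an', '; ls -a ;'] as $key) {
    printf("%s => %s\n", json_encode($key), json_encode(search_native($key, $dict)));
}
unlink($dict);
```

With the shell removed from the path, the trailing dictionary.txt argument can no longer be reattached to a different command, which is the behaviour the steps above rely on.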
Hopefully, this write-up will be useful for everybody, I have tried to make it easy to read.
Next level:-https://medium.com/@samarthkokil64/overthewire-updated-natas-walkthrough-level-10-ad29db6963c9
Previous level:-https://medium.com/@samarthkokil64/overthewire-updated-natas-walkthrough-level-8-118c5dd30e06
PS:- THANKS FOR READING