Natas 4 -> 5

user: natas4
pass: Z9tkRkWmpt9Qr7XrR5jWRkgOU901swEZ

Well, this is rude. Access disallowed, unless we visit from... the website we're trying to get to. The trick to this level is that HTTP, the protocol that these challenge websites are based on, can be spoofed. In this case, we can actually do it most easily from the command line.

If you want a hint without the answer, try 'man curl'.

For those of you wanting an answer to how to do this, here we go. The trick is that we need to create a new header that tells the website it was requested by natas5. Therefore, the command you're looking for is:

>>>curl 'http://natas4.natas.labs.overthewire.org/' -H 'Referer: http://natas5.natas.labs.overthewire.org/' -u natas4

And voila! The answer will appear.

Comments

Popular posts from this blog

Natas 11 -> 12

Natas 7 -> 8

Natas 8 -> 9