Monday, October 29, 2012

OvertheWire - Natas Wargame Level 4 Writeup

Level 4

We can use the credentials obtained from the previous post to log in to Level 4. Upon logging in, we are presented with the following screen:

Interesting. This is different than our other challenges, and viewing the source doesn't help. We can see that the challenge lists the location of the page we were just on before we logged in to the challenge. This tells me that it is viewing the "Referer" header field to determine if we have come from "". Let's fire up Burp, make the request, and spoof the Referer header:

These are the headers for our original request. We can change the Referer header as follows:

Let's forward the request, and see what happens:

As expected, the site now believes we have come from Level 5, and gives us the password for natas5, allowing us to log in to the next challenge. More writeups to come.


No comments:

Post a Comment