Natas Level 2 to Level 3 Write Up

Keshia Horton
Sep 13, 2023


Here’s my write up for Natas level 2! I’ll be publishing write ups as I traverse through the challenges. These write ups are meant to display my thought process behind solving the challenges. At the end I add what security best practices to implement to avoid these vulnerabilities in real life! Enjoy!

Log into http://natas2.natas.labs.overthewire.org

I read the webpage, then open up DevTools again and look at the rendered HTML. I notice there’s an image tag with a path to a .png file that is located somewhere on the webserver and not from an externally hosted location.

I paste the filepath at the end of the URL but this doesn’t work.

I remove pixel.png and navigate to the files folder. Here I can see what files are located in the file directory: the pixel.png file and a users.txt file.

Clicking on users.txt, I now have the passwords and usernames for several accounts, including Natas3!

Security best practice takeaway: Do not store files not meant to be accessed by the public in the same directories as publicly available content.
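One way to check a web root for this problem before it ships, as an added example that is not part of the original write-up: the script flags files whose type is not an expected public asset and directories with no index file, which a server with directory listing enabled would display. The extension allowlist, the index file names and the sample layout are assumptions built to mirror the files folder described above.

```python
import os
import tempfile

# Assumed allowlist of extensions a public asset directory is expected to serve.
PUBLIC_EXTENSIONS = {".png", ".jpg", ".gif", ".css", ".js", ".html", ".htm", ".ico", ".svg"}
# Assumed index file names; a directory without one is shown as a file listing
# when directory listing is enabled on the server.
INDEX_NAMES = {"index.html", "index.htm"}


def audit_webroot(webroot):
    """Return (unexpected_files, listable_dirs) as sorted paths relative to webroot."""
    unexpected, listable = [], []
    for dirpath, _dirnames, filenames in os.walk(webroot):
        rel_dir = os.path.relpath(dirpath, webroot)
        # No index file: the directory contents can be browsed if listing is on.
        if not INDEX_NAMES & {name.lower() for name in filenames}:
            listable.append(rel_dir)
        for name in filenames:
            ext = os.path.splitext(name)[1].lower()
            if ext not in PUBLIC_EXTENSIONS:
                unexpected.append(os.path.normpath(os.path.join(rel_dir, name)))
    return sorted(unexpected), sorted(listable)


def build_sample_webroot(root):
    """Constructed sample layout: index.html, files/pixel.png, files/users.txt."""
    os.makedirs(os.path.join(root, "files"))
    for rel in ("index.html", "files/pixel.png", "files/users.txt"):
        with open(os.path.join(root, *rel.split("/")), "w") as fh:
            fh.write("placeholder")  # constructed content, not real data


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_webroot(root)
        unexpected, listable = audit_webroot(root)
        for path in unexpected:
            print("not a public asset type:", path)
        for path in listable:
            print("no index file (browsable if listing is on):", path)
```

Run against a real document root, anything it reports belongs either outside the web root or behind an access rule.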

Thanks for reading! I’m a Security Engineer whose goal is to share what I learn, and if it helps others that’s a bonus. If you’d like to connect with me, check out my LinkedIn.


Keshia Horton is a Security Engineer with experience in Application Security, Product Security, and Security Assurance.
