Level 8 of the OverTheWires Natas wargame was pretty simple, as a developer, but could prove more difficult if you don't have similar background.
It starts out with a secret password input.
Like other levels, I looked at the source code to see what was going on in the background.
Based on this code, you can see that it has a stored secret value, that is base64 encoded, then reversed, and then converted to a hex string. That value is then compared to the stored secret value, and if it's a match, it will give you the next level's password.
I decided to write a reversal program in php, since it was super easy. The only problem it gave me, was that there is no built-in hex2bin method until a newer version of PHP than I had on my machine. Luckily, on the bin2hex documentation page, someone kindly wrote a reversal function that I stole.
Once I executed that program in php, it gave me the decoded password. Once I entered it into the page, it gave me the password to the next level.
Wednesday, November 7, 2012
OverTheWire Natas Level 8
Labels:
encoding
hacking
natas
overthewire
php
wargames
linux linux linux
OverTheWire Monxla Part 3Nov 26, 2012
OverTheWire Monxla Part 2Nov 25, 2012
OverTheWire Monxla Part 1Nov 24, 2012
Author: Unknown
Waythemes is a blogger resources site is a provider of high quality blogger template with premium looking layout and robust design
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment