natas0
OverTheWire natas0 Challenge
Challenge description:
http://natas0.natas.labs.overthewire.org
Okay, so let’s load up the site!
Hm, well I don’t see it on the page, so let’s look at the html that makes up the site.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
<html>
<head>
<!-- This stuff in the header has nothing to do with the level -->
<link rel="stylesheet" type="text/css" href="http://natas.labs.overthewire.org/css/level.css">
<link rel="stylesheet" href="http://natas.labs.overthewire.org/css/jquery-ui.css" />
<link rel="stylesheet" href="http://natas.labs.overthewire.org/css/wechall.css" />
<script src="http://natas.labs.overthewire.org/js/jquery-1.9.1.js"></script>
<script src="http://natas.labs.overthewire.org/js/jquery-ui.js"></script>
<script src=http://natas.labs.overthewire.org/js/wechall-data.js></script>
<script src="http://natas.labs.overthewire.org/js/wechall.js"></script>
<script>
var wechallinfo = { "level": "natas0", "pass": "natas0" };
</script>
</head>
<body>
<h1>natas0</h1>
<div id="content">
You can find the password for the next level on this page.
<!--The password for natas1 is {hidden in accordance with game rules} -->
</div>
</body>
</html>
And look at that, the password was in a comment on the source code, which is a real problem you’ll find in the world.
This post is licensed under CC BY 4.0 by the author.