OverTheWire Natas Level 10

1 minute read Nov 9, 2012 Comments
On to Level 10 of the OverTheWire Natas wargame! This level is extremely similar to level 9, except that now they are implementing a basic filtering, to prevent you from entering certain characters that could cause changes in the execution of the program. However, their filter is flawed. It starts out just like the last level, with a search dialog. Again, as always, I review the code since it’s available. You can see that it’s using a “preg_match” to try to filter out bad characters.

OverTheWire Natas Level 9

1 minute read Nov 8, 2012 Comments
The next level of OverTheWire’s Nata challenge is Level 9. This is a command injection vulnerability. Initially, you are given a search box. Just like in previous levels, I looked at the available source code. You can see the vulnerability is that the user input is not sanitized. Due to this, you can inject code into the “grep” command it is running to do the search. I simply put in the search box, “; cat /etc/natas_webpass/natas10”, since that is where the password file is located.