OverTheWire Wargame "Natas" Level 4 [How-To/Web]

So Level 3 required a bit more knowledge of web servers and how searches parse them, but we got through it and are now on Level 4.

When we load up this level, we are welcomed by the following error:


So it can see where we are coming from, and it doesn't like it.

There's a "Refresh page" button, lets click that and see what happens.



So now it sees that we are just refreshing the page. A little knowledge of how messages are sent through HTTP is required here.
When an HTTP request is made, there are certain fields that are filled in, and one of them is a "referer".
Maybe you can catch on where I'm going from here. What we need to do is hijack the request and change the referrer to be what it says it should be.

How are we going to do this? Well, I'm using Chrome, and there's this nice little tool called "Referer Control" which can be found here. Go ahead and install it (and if you're not, use Chrome already!) and I'll tell you how to configure it to help us out.

Loading up this app brings us to the main screen of the configuration:



For our setup, we are going to use the top section, where we can enter a website under "site filter".
If we use the "default referrer for all other sites" it will change it for every single HTTP request we make.

Enter "http://natas4.natas.labs.overthewire.org/" for the site, and select the "Custom" setting for the "referrer setting".
From there, enter "http://natas5.natas.labs.overthewire.org/" for the referrer site as seen below:



The red X on the left is the delete button (not an error), so don't click on that unless you want to remove this specific site referral.

Once this is done, go back to Level 4, and you should see this (you might have to refresh the Referrer Control Settings):


There we have it, natas5:V0p12qz30HEUU22dz7CZGHiFk3VdPA9Z.

On to Level 5!

Popular posts from this blog

Hacking Metasploitable #1: Introduction & IRC Hack [Metasploit/Linux/Exploit/How-to]

Vagrant "Fuse Device Not Found" Error Fix

How to Unfollow Blogs or "Reading List" on Google [Non-Technical]