Natas0
Solution: Right click and see source code. Natas1 - gtVrDuiDfck831PqWsLEZy5gyDz1clto Natas1 solution: Disable javascript in your browser and then see source code. Natas2 - ZluruAthQk7Q2MqmDeTiUij2ZvWy2mBi Natas2 solution: See the source code of that page In that soruce code , you can notice the following line <img src="files/pixel.png"> And just tried http://natas2.natas.labs.overthewire.org/files/ in browser so i found Directory Listing Security Vulnerability in that link And i found users.txt file in that directory and i found natas3 password. natas3 - sJIJNW6ucpu6HPZ1ZAchaDtwd7oGrD14 Directory Listing Security Vulnerability: Description: The web server is configured to display the list of all files contained in this directory. This is not recommended because the directory may contain files that are not normally exposed through links on the web site. Impact: A user can view a list of all files from this directory possibly exposing sensitive information. To avoid Directory listing vulnerability: Check this Link to understand in detail.
0 Comments
|
Details
Categories
All
Archives
June 2017
Vivek N
An idea can change your life :) |