DISCLAIMER: The information in this site is for educational purpose only. The authors of this blog are not responsible for any kind of misuse of this information.

Friday, December 13, 2013

OverTheWire Natas 22

Code inspection reveals that if we will send the GET request with "revelio" parameter, we will receive the next level credentials.

There is one complication. If we are not the admin, a redirection header will be added to the HTTP response. To overcome this, don't use a browser (alternatives - wget, curl, proxy tool ... )

And you got the keys to the next level :)

No comments :

Post a Comment

Subscribe to: Post Comments ( Atom )