Alright. It looks like we have to make this server think we came from http://natas5.natas.labs.overthewire.org/. There’s a couple of places it could be getting this information from. Let’s check cookies…
Nope. Googling shows that that’s a Cloudflare identification cookie. Not useful to us.
Another place is the HTTP header.
There’s plenty of tools that can edit request headers, both in Kali Linux and as Chrome plugins. But let’s try using curl. curl is a tool that transfers data from a server to a client. So when you use it on a webpage, you download the source code. You can also customise your headers. So let’s set the Referer header to http://natas5.natas.labs.overthewire.org/.
$ curl 'http://natas4.natas.labs.overthewire.org/' -H 'Referer: http://natas5.natas.labs.overthewire.org/' -u natas4
Enter host password for user 'natas4':
Access granted. The password for natas5 is iX6IOfmpN7AYOQGPwtn3fXpbaJVJcHfq
We use -H to specify a header and -u to specify the user. Then we provide the password, and voila.