Login
Username: natas8
Password: DBfUBfqQG69KvJvJ1iAbMoIpwSNQ9bWe
URL: http://natas8.natas.labs.overthewire.org
Solution
Let’s check out the sourcecode.
Oh no. It looks like they encoded their secret code. If only we could reverse it. Oh wait, we totally can. Let’s use php -a to use an interactive PHP interpreter.
1 2 3 4 |
$ php -a Interactive shell php > |
Alright, let’s input the encoded secret code.
1 |
php > $encodedSecret = "3d3d516343746d4d6d6c315669563362"; |
Now let’s run the encoding algorithm in reverse order on the encoded secret.
1 2 |
php > print base64_decode(strrev(hex2bin($encodedSecret))); oubWYf2kBq |
Easy peasy. Let’s input our code into the form and submit.
Yippee.