登陆进去看看 Access disallowed. You are visiting from “” while authorized users should come only from “http://natas5.natas.labs.overthewire.org/” 提示说用户只能来自于natas5
那就修改一下请求头中的referer, http协议是不检查的,随便写从哪里来它都信.
简单,用火狐的hackbar把始发地改一下就是了
The password for natas5 is iX6IOfmpN7AYOQGPwtn3fXpbaJVJcHfq
<?$defaultdata=array("showpassword"=>"no","bgcolor"=>"#ffffff");functionxor_encrypt($in){
$key='<censored>';$text=$in;$outText='';// Iterate through each characterfor($i=0;$i<strlen($text);$i++){
$outText.=$text[$i]^$key[$i%strlen($key)];}return$outText;}functionloadData($def){
global$_COOKIE;$mydata=$def;if(array_key_exists("data",$_COOKIE)){
$tempdata=json_decode(xor_encrypt(base64_decode($_COOKIE["data"])),true);
LV0natas将是一些服务端的安全基础知识,ok,试一下吧You can find the password for the next level on this page.打开就是这句话,在此页能找到密码,但是找不到呀,那就看下源码吧 F12再注释里找到密码The password for natas1 is gtVrDuiDfck831PqWsLEZy5gyDz1cltoLV...