Natas Level 7 → Level 8

Main page

Logging into natas7, we see 2 links, one to home, the other one to about web pages.

natas7 start

Home and About

Here we can see both home and about web pages showing the exact same thing.

natas7 home natas7 about

Both gives hints that the password for the next level is located in the /etc/natas/webpass/ folder.

Directory Traversal Attack

Playing around with the address bar and the /etc/ path, we get an error specifying that the current path we inserted in the URL can’t be open in the specific directory.

natas7 dta

This error fully tells us where we are in the directory folder. Here we can use Directory Traversal Attack (DTA) to navigate the web servers folders and files.


Toying around with DTA in the address bar we were able to find the password for the next level.

natas7 password