Part time CTF Player learn every day!!
🌠 I Love Hoshimachi Suisei!! 🌠
🌠 I Love Hoshimachi Suisei!! 🌠
🌠 I Love Hoshimachi Suisei!! 🌠
🌠 I Love Hoshimachi Suisei!! 🌠
OverTheWire Natas Level 4 → 5 tutorial!!
Published on 17 Dec 2023
Login
URL: http://natas5.natas.labs.overthewire.org
Credentials: natas5:0n35PkggAPm2zbEpOU802c0x0Msn1ToK
Task
The site shows:
Access disallowed. You are not logged in
Let’s inspect what’s happening with cookies.
A little bit of Theory
- HTTP Cookies are key-value pairs stored by the browser.
- Servers use them for session state or access control.
- Here, the server sets a cookie:
Set-Cookie: loggedin=0
If we flip it to 1, we might bypass the check.
Further reading:
Solution
-
Check response headers in DevTools (Network tab)
Notice
Set-Cookie: loggedin=0. -
Open DevTools → Application → Cookies
You’ll should see
loggedin=0but i change it to1. -
Edit the cookie value
Change it to:
loggedin=1
- Refresh the page
The site now grants access and shows the password for natas6.
Password
0RoJwHdSKWFTYR5WuiAewauSuNaBXned
Troubleshooting
- Still “not logged in”? → Double-check you set
loggedin=1under the right domain. - Cookie keeps resetting? → Disable auto-refresh extensions or reapply manually.
- Can’t find cookies? → In Chrome: DevTools → Application → Storage → Cookies.
Great job 🎉 You just bypassed authentication by flipping a cookie bit!
Thanks for reading!
Until next time — Otsumachi!! 💖☄️✨
all tags
GOT-overwrite aboutme aead ai alphanumeric-shellcode apt argc0 argon2 aslr assembly asymmetric atoi automation backbox bandit base64 bash beginner behemoth binary binary-exploitation binary-to-ascii blackarch blind blind-sqli blogging blue-team bruteforce buffer-overflow buffer-overwrite c caesar canary capabilities checksec command-injection commonmark cookie cron crypto cryptography ctf cutter cyberchef cybersecurity defenders detection dev directory-traversal dnf docs drifter ecc education elf env envp exploitation finale forensics format-string formulaone frequency frequency-analysis gcc gdb getchar gfm ghidra github-pages governance gpg guide hashing hkdf http jekyll jmpbuf kali kasiski kdf kernel keylength kramdown krypton lab ld_preload leviathan lfi lfsr linux linux-syscall llmops log-poisoning ltrace manpage markdown maze memcpy mitigations mitmproxy mlops narnia natas networking newline-injection nonce nop-sled nx object-injection obsidian openssl osint overflow overthewire package-manager pacman parrot path path-hijacking pathname php pie pkc pki pointer-trick pqc priv-esc privilege-escalation provable-security pwn pwntools pyshark python race-condition radare2 rag randomness recon red-team redirect relro requests ret2env ret2libc reverse-engineering reversing ricing roadmap rop rot13 rsa scapy security seed seo serialization session setjmp-longjmp setuid shell shellcode smoke soc sockets sprintf sql-injection srop stack-canary stack-overflow strace strcmp strcpy streamcipher strings strncpy strtoul substitution suid suisei symlink symmetric terminal test threat-intel time-based tls troubleshooting tshark type-juggling ubuntu udp utumno vigenere virtualbox virtualization vmware vortex walkthrough web windows wireshark writing wsl x86