What's up, everybody? John Hammond here, continuing on the Natas videos from the OverTheWire wargames. So we just got the password for Natas level 2, and we have been storing these in these Python scripts that we've been creating. That way, each individual file or script that we end up creating will print out the flag, or the password, for the level that we need to move into next. So we've got these for level zero, level one, etc. And let's go ahead and actually run these to make sure they're doing what we want them to do. So python natas0.py, it prints that out, same with natas1.py, and we've got the password and everything's just moving swell. Of course, we can make all these executable so we don't have to use that python prefix, etc., and that looks good for us. Okay, cool.

So let's move into actually Natas 2 right now, because I think that is only just getting, yeah, the web page content here for us. Let's actually go view that in the web browser so we can see what we're looking with. I've got it pulled up right here. Again, if you needed to get to the page, you can authenticate by pasting in the password that our scripts are now getting for us, and it says here there's nothing on the page. There is nothing on the page. It's exactly right in that regard. No interesting HTML source code or HTML comments that we've seen like in the previous levels.

But if you look closely, we do notice an image file, image source file pixel.png. If we examine that just in our browser, it's a one-by-one pixel that doesn't seem to really do anything for us, but take note that this is currently located in a files folder here. You can see that kind of relative path in the HTML link here, or the href, rather, the path that it's trying to reach from the image source. I'm gonna use some Sublime Text to set the syntax to HTML right here, and let's kind of see what we can see in that directory. Can we reach that in the web browser?
I'm gonna check out files, forward slash files, and we do get to read the index of files here. Interesting stuff. There's pixel.png and there's users.txt, which might be peculiar. Let's go ahead and see if we can reach this in our code. Let's get to files, run it with Ctrl+B, and we are getting the same index of files here.

It looks kind of messy in this, so let's make this better. We can install a package for Sublime Text. I'm thinking of HTML Tidy, and that will beautify, tidy and clean, purify the HTML code that we're looking at in Sublime Text. Once that is installed, we should be able to just Ctrl+Shift+P and run HTML Tidy, Tidy HTML, and suddenly it will clean up all of this for us, so we can view this table a little bit more cleanly and actually read through this page in Sublime Text.

So here again, you'll see we've got the pixel that's noted in here and we've got the users.txt file. We can see the link to it just relative to where we are, users.txt. So let's check out that file. Again, just changing the link in our script, users.txt, Ctrl+B to run this, and looks like we've got some interesting stuff: username and password syntax or semantics here, and we see natas3 listed in there and the password clear as day. So cool, let's scrape this out. Let's use... Looks like we can just say natas, colon, natas3 colon, and then what we want to scrape out. We don't need to print the content anymore. We can just print out what we scrape, and there's the password for us. Awesome.
So that is now a complete Natas 2 script. Let's put the password into a Natas 3 script, change the username, etc., print out the content so we can see where we're at. Run this again. Okay, we're getting a 404 Not Found because it thinks we're still looking at files/users.txt. Let's make sure to change that location, and let's just keep looking in Sublime Text what this level looks like.

So, HTML source code again. Looking at the web page, now we're on Natas 3. Content is there's nothing on this page, and there is an HTML comment here: "No more information leaks. Not even Google will find it this time." Ah, okay, so this is a nod and a hint towards, like, internet web crawlers. So that's robots.txt files. Like, Google has to index and crawl through the web page to have all those search engine results. Web robots are programs that traverse the web automatically, so search engines such as Google use them to index web content, etc.

You may have seen me refer to some of these in other capture the flag challenges. It's a pretty common low-hanging fruit, sort of a rock you've got to check under if you're doing some website reconnaissance and stuff like that, to see what might be hidden from the robots.txt file. So it's just in the web root of the website that you're looking at, so we can just tack on robots.txt here, and the website, if you learn a little bit more about this, is the syntax you'll typically see, and we'll see it just now once we run this code.

Cool, so we made a connection. Here's the response we're getting: user agent anything, disallowed this secret directory. Hmm. If you want to see this in your web browser, again, make sure you're at Natas 3, natas3, paste it in, robots.txt, and this is just how it looks: plain text file, completely nothing, and that's what we're working with. So let's check out that secret, in leetspeak, directory. Pass this in, looks like we've got an index page again.
Let's run HTML Tidy so we can check out what is in this directory listing that we've got here. A blank icon, another icon. Okay, another users.txt file relative to the secret path. So let's go ahead and download that. users.txt, run this file, and we've gotten natas4 just like that. All right, cool. So let's put that in our regular expression finder, and we've got the password for the next level. Save this as our completed Natas 3 script, create a new one for Natas 4, pasting the correct password, and we are ready to move on. Cool.

Thank you guys for watching. That's all I want to cover in this video. I think the HTML Tidy script, or that plugin for Sublime Text, is pretty awesome. It's definitely coming in handy for us as we're doing some ninja stuff in Sublime Text and just cruising through Natas, the web security wargame from OverTheWire. We'll jump in the next one in the next video, but I hope you're pretty content with what we've got so far of these little weaponized scripts that, from the command line, we can just straight up run. Hey, python natas3, get the password, same for python natas4, and let's see, we did two in the previous one, so for what we got to complete, but we're just cruising along.

Thank you guys for watching. Hope you're enjoying these. Please maybe leave a like, comment, subscribe, I don't know, do your good YouTube stuff. See you in the next video.
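
The two leaks walked through in this video (an auto-generated directory index and a robots.txt Disallow line that names a hidden path) can be checked for on a site you run. The following is an added example, not code from the video: the sample robots.txt and index page are constructed, the function names are hypothetical, and the index check assumes an Apache-style "Index of /" page title.

```python
from html.parser import HTMLParser

# Constructed sample inputs (not copied from the Natas servers).
SAMPLE_ROBOTS = "User-agent: *\nDisallow: /example-hidden-dir/\nDisallow:  # empty\nAllow: /public/\n"
SAMPLE_INDEX = """<html><head><title>Index of /files</title></head><body><table>
<tr><td><a href="?C=N;O=D">Name</a></td></tr>
<tr><td><a href="/">Parent Directory</a></td></tr>
<tr><td><a href="pixel.png">pixel.png</a></td></tr>
<tr><td><a href="users.txt">users.txt</a></td></tr>
</table></body></html>"""

def robots_disallowed(text):
    """Return every non-empty Disallow path; anyone can read these."""
    paths = []
    for line in text.splitlines():
        field, _, value = line.split("#", 1)[0].partition(":")
        if field.strip().lower() == "disallow" and value.strip():
            paths.append(value.strip())
    return paths

class _IndexParser(HTMLParser):
    """Collects the <title> text and the hrefs of file entries."""
    def __init__(self):
        super().__init__()
        self.in_title, self.title, self.links = False, "", []
    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self.in_title = True
        elif tag == "a":
            href = dict(attrs).get("href") or ""
            # Skip column-sort links and the parent-directory link.
            if href and not href.startswith(("?", "/", "..")):
                self.links.append(href)
    def handle_endtag(self, tag):
        if tag == "title":
            self.in_title = False
    def handle_data(self, data):
        if self.in_title:
            self.title += data

def directory_listing(html):
    """Return exposed entry names for an auto-generated index page, else None."""
    parser = _IndexParser()
    parser.feed(html)
    is_index = parser.title.strip().lower().startswith("index of /")
    return parser.links if is_index else None

if __name__ == "__main__":
    print("robots.txt reveals:", robots_disallowed(SAMPLE_ROBOTS))
    print("listing exposes:", directory_listing(SAMPLE_INDEX))
```

A non-empty result from either function means the content is reachable by anyone who asks for it: robots.txt is advice to crawlers, not access control, and on Apache the listing itself is turned off with `Options -Indexes`.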