Natas 3

http://natas3.natas.labs.overthewire.org/

This one's body section looks like this:

<body>
<h1>natas3</h1>
<div id="content">
There is nothing on this page
<!-- No more information leaks!! Not even Google will find it this time... -->
</div>
</body>

The "not even Google" part is probably a reference to the robots.txt file used to restrict bots & spiders.

Looking at http://natas3.natas.labs.overthewire.org/robots.txt shows there's secret, hidden directory called "/s3cr3t/"

Browsing there, we find another users.txt file.

Done!

Natas 2

http://natas2.natas.labs.overthewire.org/

The page for this one shows just the text "There is nothing on this page."

Looking at the source, the body section looks like this:

<body>
<h1>natas2</h1>
<div id="content">
There is nothing on this page
<img src="files/pixel.png">
</div>
</body>

Hmm, I wonder what else is in the "files/" directory?

Browsing to http://natas2.natas.labs.overthewire.org/files/, shows there's also a "users.txt" file hosted there and clicking that you can find the password.

natas3:sJIJNW6ucpu6HPZ1ZAchaDtwd7oGrD14

Natas 1

http://natas1.natas.labs.overthewire.org/
This one was essentially a repeat of the last one, except they had made a small effort to block right-clicking. My right-click still worked, but even if it didn't, you could always download the page with curl or wget and read through the source code that way.

Natas 0

http://natas0.natas.labs.overthewire.org/
username: natas0, password: natas0

This first level was pretty easy. The page says "You can find the password for the next level on this page", and if you view the source, you see "<!--The password for natas1 is gtVrDuiDfck831PqWsLEZy5gyDz1clto -->"

Done!