Saturday, November 1, 2014

Natas 4

http://natas4.natas.labs.overthewire.org/

This one says:

Access disallowed. You are visiting from "" while authorized users should come only from "http://natas5.natas.labs.overthewire.org/" 

It's likely using the comically misspelled HTTP "Referer" header to figure out where you came from.

What happens if we intercept the request to http://natas4.natas.labs.overthewire.org/ with Burp Proxy, add a "Referer" header, and set it to "http://natas5.natas.labs.overthewire.org/"?


Success!
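Why this works, as an added example that is not part of the original post or the challenge's own code: the Referer value is written by the client, so a check on it proves nothing, while a server-issued token does. The header name X-Auth-Token, the function names and the key are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed values for this example (not taken from the challenge server).
TRUSTED_ORIGIN = "http://natas5.natas.labs.overthewire.org/"
SERVER_KEY = secrets.token_bytes(32)  # stays on the server, never sent to clients


def referer_check(headers: dict) -> bool:
    """Weak: grants access based on a header the client writes itself."""
    return headers.get("Referer", "") == TRUSTED_ORIGIN


def _tag(user: str) -> str:
    """HMAC over the user name; only the holder of SERVER_KEY can compute it."""
    return hmac.new(SERVER_KEY, user.encode(), hashlib.sha256).hexdigest()


def issue_token(user: str) -> str:
    """Server side: give an already authenticated user a signed token."""
    return f"{user}:{_tag(user)}"


def token_check(headers: dict) -> bool:
    """Stronger: access requires a value only the server could have produced."""
    # X-Auth-Token is a hypothetical header name chosen for this example.
    user, sep, tag = headers.get("X-Auth-Token", "").partition(":")
    if not sep or not user:
        return False
    # Constant-time comparison of the presented tag with the expected one.
    return hmac.compare_digest(tag.encode(), _tag(user).encode())


def demo() -> dict:
    """Run both checks over three constructed requests."""
    client_set_referer = {"Referer": TRUSTED_ORIGIN}
    issued = {"X-Auth-Token": issue_token("alice")}
    tampered = {"X-Auth-Token": "alice:" + "0" * 64}
    return {
        "referer_check, client-set Referer": referer_check(client_set_referer),
        "token_check, client-set Referer": token_check(client_set_referer),
        "token_check, issued token": token_check(issued),
        "token_check, tampered token": token_check(tampered),
    }


if __name__ == "__main__":
    for case, allowed in demo().items():
        print(f"{case}: {'allowed' if allowed else 'denied'}")
```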

