Natas is a CTF through OverTheWire and more can be read about it here. This will be a writeup for levels 0–2. I also have included MITRE ATT&CK mapping for each scenario for my learning (and yours if you care about that sort of thing).

Level 0

When you first login to Natas0, this is the page you are given.

This level is super simple because all that is needed is viewing the source code. This can be done by right-clicking the page and pressing "view page source" or by pressing ctrl+u and this will show you the source in a new tab.

We can see in the source that the password for natas1 is: 0nzCigAq7t2iALyvU9xcHlYN4MlkIwlq.

MITRE Information:

Tactic: Credential Access

Technique: T1552 Unsecured Credentials

Level 1

When first logging into natas1, you are met with a message that right-clicking has been blocked.

This is easy to work around, just press ctrl+u to view the source code.

Once again we can see the password for the next level in plaintext in the source. The password for natas2 is: TguMNxKo1DSa1tujBLuZJnDUlCcUAPlI.

MITRE Information:

Tactic: Credential Access

Technique: T1552 Unsecured Credentials

Level 2

When logging in to level 2, message is displayed telling us there is nothing on this page.

The next step is to view the source.

Inside the source we can see that there is a line of html that is pointing to an image within a directory. We can see if we can access this directory by appending "/files/" to the end of the url.

Inside the directory we see a file called users.txt, open this file.

Inside the file we see a list of usernames and passwords. The one we are looking for is natas3 and its password is: 3gqisGdR0pjm6tpkDKdIWO2hSvchLeYH.

MITRE Information:

Tactic: Discovery

Technique: T1083 File and Directory Discovery

I hope you found this helpful! I also encourage you to read through the MITRE matrix, because I have learned so much from it and I know you will too!