Natas 8

When the webpage first loads, there is nothing interesting except the view sourcecode, so lets go there immediately

In the source code itself, once again like Natas 6, there is some interesting php code

<?

$encodedSecret = "3d3d516343746d4d6d6c315669563362";

function encodeSecret($secret) {
    return bin2hex(strrev(base64_encode($secret)));
}

if(array_key_exists("submit", $_POST)) {
    if(encodeSecret($_POST['secret']) == $encodedSecret) {
    print "Access granted. The password for natas9 is <censored>";
    } else {
    print "Wrong secret";
    }
}
?>

The string return bin2hex(strrev(base64_encode($secret))); simply encodes it in base64, reverses the string and converts it to hexadecimal. By reverse engineering this in CyberChef

Entering this into the Input gives the following

Thus the password is ZE1ck82lmdGIoErlhQgWND6j2Wzz6b6t

PreviousNatas 7 NextCyber League 2025

Last updated 7 months ago