Natas10 looks exactly the same as natas9 except that it warns us that:

For security reasons, we now filter on certain characters

Interesting... Let's take a look at the source and see what they do differently:

<!-- This stuff in the header has nothing to do with the level -->
<link rel="stylesheet" type="text/css" href="">
<link rel="stylesheet" href="" />
<link rel="stylesheet" href="" />
<script src=""></script>
<script src=""></script>
<script src=></script><script src=""></script>
<script>var wechallinfo = { "level": "natas10", "pass": "<censored>" };</script></head>
<div id="content">

For security reasons, we now filter on certain characters<br/><br/>
Find words containing: <input name=needle><input type=submit name=submit value=Search><br><br>

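<?php
$key = "";

// Take the search term from the request, unmodified.
if(array_key_exists("needle", $_REQUEST)) {
    $key = $_REQUEST["needle"];
}

if($key != "") {
    // Denylist: reject input containing ';', '|' or '&'.
    if(preg_match('/[;|&]/',$key)) {
        print "Input contains an illegal character!";
    } else {
        // $key is interpolated unquoted into the shell command line.
        passthru("grep -i $key dictionary.txt");
    }
}
?>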

<div id="viewsource"><a href="index-source.html">View sourcecode</a></div>

It looks like the biggest difference is the following code:


Basically, if your input contains a ";", "|" or "&" character, you will get an error.

In natas9, our input was:

. /etc/natas_webpass/natas10

Which does not contain any of those characters. It looks like they were expecting a different answer for natas9... oops!

Let's see if this input works for natas10:


Yup! I assume that for natas9 they were expecting something like:

a /dev/null; cat /etc/natas_webpass/natas10;
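
Why the character filter does not help, as an added example (not part of the level's source or the original write-up): it applies the same character class to the two inputs quoted above, shows the words the shell would hand to grep, and contrasts that with an argument list built without a shell. The function names are made up for this sketch, and `shlex.split` is assumed to be a close enough model of shell word splitting (it ignores substitutions and globbing).

```python
import re
import shlex

# Same character class as the level's preg_match('/[;|&]/', $key).
DENYLIST = re.compile(r"[;|&]")

def passes_filter(key: str) -> bool:
    """True when the natas10 check would let the input through."""
    return DENYLIST.search(key) is None

def shell_argv(key: str) -> list[str]:
    """Words the shell hands to grep for "grep -i $key dictionary.txt".

    shlex.split models POSIX word splitting and quoting only (assumption).
    """
    return shlex.split(f"grep -i {key} dictionary.txt")

def file_operands(argv: list[str]) -> list[str]:
    """For the "grep -i PATTERN FILE..." form: the files grep will read."""
    non_options = [a for a in argv[1:] if not a.startswith("-")]
    return non_options[1:]  # the first non-option word is the pattern

def hardened_argv(key: str) -> list[str]:
    """argv for an exec-style call with no shell: the whole input is one
    pattern (-e), and "--" ends option parsing before the file name."""
    return ["grep", "-i", "-e", key, "--", "dictionary.txt"]

# Inputs quoted in the write-up.
NATAS9_INPUT = ". /etc/natas_webpass/natas10"
GUESSED_INPUT = "a /dev/null; cat /etc/natas_webpass/natas10;"

if __name__ == "__main__":
    for key in (NATAS9_INPUT, GUESSED_INPUT):
        print(repr(key), "passes filter:", passes_filter(key))
    # A space is enough to turn one search term into pattern + extra file.
    print("shell argv:   ", shell_argv(NATAS9_INPUT))
    print("files read:   ", file_operands(shell_argv(NATAS9_INPUT)))
    # Without a shell the same input stays a single pattern argument.
    print("hardened argv:", hardened_argv(NATAS9_INPUT))
```

In PHP, the closest fix to the level's own code is to pass the input through `escapeshellarg()` and place it after `-e`, so the shell sees it as one quoted word.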

Anyway, the password is: