Hey everyone,
Is anyone else getting stuck on the question for the Bypassing Basic Authentication section of the Web Attacks module?
Firstly - the curl -i -X OPTIONS http://SERVER_IP:PORT
command doesn’t show what the module example suggests it should. Here’s my response:
└─$ curl -X OPTIONS -i http://94.237.59.63:40005/
HTTP/1.1 200 OK
Date: Mon, 05 Aug 2024 07:58:30 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 1158
Content-Type: text/html; charset=UTF-8
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>File Manager</title>
<link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.0.3/css/bootstrap-theme.min.css">
<link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.0.3/css/bootstrap.min.css">
<script src="//netdna.bootstrapcdn.com/bootstrap/3.0.3/js/bootstrap.min.js"></script>
<script src='https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
<link rel="stylesheet" href="./style.css">
</head>
<body>
<div class="form-group">
<h1>File Manager</h1>
<form role="form" action="index.php" method="GET">
<input type="text" class="form-control" placeholder="New File Name" name="filename">
</form>
<form action="admin/reset.php" method="GET">
<input type="submit" value="Reset" class="btn btn-danger" />
</form>
</div>
</body>
</body>
</html>
<div></div><ul class="list-unstyled" id="file"><div><h3>Available Files:<h3></div><ul><li><h4><a href='test'>test</a></h4></li></ul><ul><li><h4><a href='notes.txt'>notes.txt</a></h4></li></ul></ul>
Secondly, when I intercept the reset request and change it to 'HEAD" instead of ‘GET’, I still get the login prompt…
Any help would be greatly appreciated!