Web Attacks - Bypassing Basic Authentication

Hey everyone,

Is anyone else getting stuck on the question for the Bypassing Basic Authentication section of the Web Attacks module?

Firstly - the curl -i -X OPTIONS http://SERVER_IP:PORT command doesn’t show what the module example suggests it should. Here’s my response:

└─$ curl -X OPTIONS -i http://94.237.59.63:40005/ 
HTTP/1.1 200 OK
Date: Mon, 05 Aug 2024 07:58:30 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 1158
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <title>File Manager</title>
    <link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.0.3/css/bootstrap-theme.min.css">
    <link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.0.3/css/bootstrap.min.css">
    <script src="//netdna.bootstrapcdn.com/bootstrap/3.0.3/js/bootstrap.min.js"></script>
    <script src='https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
    <link rel="stylesheet" href="./style.css">
</head>

<body>
    <div class="form-group">
        <h1>File Manager</h1>
        <form role="form" action="index.php" method="GET">
            <input type="text" class="form-control" placeholder="New File Name" name="filename">
        </form>
        <form action="admin/reset.php" method="GET">
            <input type="submit" value="Reset" class="btn btn-danger" />
        </form>
    </div>
</body>
</body>

</html>

<div></div><ul class="list-unstyled" id="file"><div><h3>Available Files:<h3></div><ul><li><h4><a href='test'>test</a></h4></li></ul><ul><li><h4><a href='notes.txt'>notes.txt</a></h4></li></ul></ul>     

Secondly, when I intercept the reset request and change it to 'HEAD" instead of ‘GET’, I still get the login prompt…

Any help would be greatly appreciated!

I am having the same issues.

try -X HEAD