HTTP Basic Authentication (NETLAB)

Use your Kali64 Machine

Open the Kali64 virtual machine. Log in as root with the password toor

Starting Apache

In a Terminal window, execute this command:

service apache2 start

In a Terminal window, execute this command:

ip addr

(Note: ifconfig is deprecated and ip is preferred.)

Find your IP address. It should be 172.16.1.202, as shown below.

Click Applications, IceWeasel and enter your IP address in the URL. You should see an Apache default page, as shown below.

Making the secret Page

In a Terminal window, execute these commands:

mkdir /var/www/html/secret
nano /var/www/html/secret/index.html

In nano, enter the HTML code shown below, replacing YOUR-NAME with your own name:

<html> <body> <h1>YOUR-NAME Secret Page</h1> Protected by HTTP Basic Authentication!
</body> </html>

Save the file with Ctrl+X, Y, Enter.

In IceWeasel, append /secret to the IP address to view your page, as shown below:

There was no password required to see this page.

Configuring Basic Authentication

In a Terminal window, execute this command:

nano /etc/apache2/sites-enabled/001-secret.conf

In nano, enter the code shown below:

<Directory "/var/www/html/secret"> AuthType Basic AuthName "Private" AuthUserFile /etc/apache2/.htaccess Require valid-user AllowOverride None Order allow,deny allow from all </Directory>

as shown below:

Save the file with Ctrl+X, Y, Enter.

Specifying Username and Password

In a Terminal window, execute this command replacing "YOUR-NAME with your own name. When you are prompted for a password, enter secretpassword twice.

htpasswd -c /etc/apache2/.htaccess YOUR-NAME

Restart Apache

In a Terminal window, execute this command:

service apache2 restart

Starting Wireshark

In a Terminal window, execute this command:

wireshark

Press Enter twice to close the warning messages.

In Wireshark, click "loopback lo" once to highlight it, as shown below. Click Start.

Authenticating

In IceWeasel, refresh the page with your IP address followed by /secret

An "Authentication Required" box pops up, as shown below. Log in with your name and the password secretpassword

In Wireshark, click Capture, Stop.

In Wireshark, click Statistics, "Conversation List", "TCP (IPv4 & IPv6)". A "TCP Conversations" box opens, as shown below.

Click the first conversation to highlight it, and click the "Follow Stream" button.

The red text is yor browser requesting the secret page.

The blue text is the response from the server, which says "401 Unauthorized", as shown below:

In the "Follow TCP Stream" box, click Close.

In the "TCP Conversations" box, highlight the second conversation.

Click the "Follow Stream" button.

In red text, an "Authorization: Basic" message is visible, as shown below. This scrambled text contains your username and password.

Viewing the Cleartext Password in Wireshark

In the "Follow TCP Stream" box, click Close.

In the "TCP Conversations" box, click Close.

In the top section of the Wireshark window, in the Filter bar, erase the text there and type in this filter.

frame contains Basic

Press Enter.

Two packets are visible, as shown below.

In the Info column, the first one is labelled "HTTP/1.1 401 Authorization Required", and the second one is labelled "GET /secret/ HTTP/1.1", as shown below.

In the top pane of Wireshark, click "GET /secret/ HTTP/1.1".

In the middle pane, expand the "Hypertext Tranfer Protocol" section.

Scroll down and expand the Authorization section.

The credentials are shown in cleartext, showing your name and the secret password, as shown below:

Source

http://doc.norang.ca/apache-basic-auth.html

Last modified 2-9-16
Modified 6-16-16 for NETLAB
Sam Bowne