CAPTURING HTTP BASIC AUTHENTICATION CREDENTIALS WITH WIRESHARK

This exercise is based on the previous post Setting up HTTP Basic Authentication.

Launching the sniffer Wireshark, the Kali Linux machine is able to capture all packets crossing its interface eth0.

When the user from Kali tries to access the web page "/basicauth/index.html", the Apache web server responds with the challenge for the Authentication requirement.

Setting up a filter that limits packets only to those exchanged between Kali (192.168.1.13) and the Ubuntu Apache server (192.168.1.15), we can look into the packets captured by Wireshark.

Once Kali has sent the correct credentials, the server responds with a 200 OK message.

However, opening the first packet, it is clear that Basic authentication has been used, and the string corresponding to the credentials is also displayed.

The credentials have been sent without encryption, only encoded with Base64, and the corresponding string can be copied for further study.

Now, a Python script can be used to decode the Base64 string and reveal the correct credentials: 'admin:ababa'

Also, Wireshark captures the HTML text response from the server, corresponding to the web page resource.