LetsDefend - Http Basic Auth

Created: 26/01/2024 13:30 Last Updated: 05/06/2024 20:40

**Http Basic Auth** ![1ebadb060b33b33f4906f0640a7e9528.png](/resources/1ebadb060b33b33f4906f0640a7e9528.png)

We receive a log indicating a possible attack, can you gather information from the .pcap file?

Log file: ~~.https://files-ld.s3.us-east-2.amazonaws.com/webserver.em0.zip Pass: 321~~ /root/Desktop/ChallengeFile/webserver.em0.pcap

Note: pcap file found public resources.

Start Investigation

How many HTTP GET requests are in pcap?

![be71793331ad1f36cf37e6845839a17b.png](/resources/be71793331ad1f36cf37e6845839a17b.png)

What is the server operating system?

FreeBSD

![a8a4b774a6101ba125aa2cac6556064d.png](/resources/a8a4b774a6101ba125aa2cac6556064d.png)

What is the name and version of the web server software?

Apache/2.2.15

What is the version of OpenSSL running on the server?

OpenSSL/0.9.8n

What is the client's user-agent information?

Lynx/2.8.7rel.1 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.8n

What is the username used for Basic Authentication?

webadmin

![6746132e8475a700515a3c7427d37618.png](/resources/6746132e8475a700515a3c7427d37618.png) ![1634775f864642d8ab79ee57e69b9048.png](/resources/1634775f864642d8ab79ee57e69b9048.png)

What is the user password used for Basic Authentication?

W3b4Dm1n

Summary

There is a basic authentication happened during in this pcap file.

![e4ccc3723ebe6783710a4517525081c6.png](/resources/e4ccc3723ebe6783710a4517525081c6.png) Badge Acquired