Top-Secret: Difference between revisions

From Pessin randon wiki
← Older edit
VisualWikitext
No edit summary
No edit summary
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
[[File:Top-secret-task.PNG|thumb|Top secret task]]
[[File:Top-secret-task.PNG|thumb|Top secret task]]
[[File:000-config.PNG|thumb|000-default.conf]]


===Description===
===Description===
Line 14: Line 15:
Username: mulder
Username: mulder


Password: Scully-th3-b3st!</blockquote><blockquote>
Password: Scully-th3-b3st!</blockquote>
<blockquote>
SSH Access:
SSH Access:


Line 41: Line 43:
I then restarted the apache2 service <code>service apache2 restart</code>
I then restarted the apache2 service <code>service apache2 restart</code>


I then headed to the website again to see if my configuration was successful. Unfortunately, I had broken the whole web page and decided to move on to another task...
Test logging in with your browser and if everything works, submit the task for evaluation.
===Tools===
===Tools===  
* htpasswd
*htpasswd
* nano
*nano
* cd
*cd
* service
*service
===Flag===
===Flag===
No flag available, just set up basic authentication method.
No flag available, just set up basic authentication method.

Latest revision as of 13:16, 13 October 2022

Top secret task
000-default.conf

Description

Management found out that the highly sensitive and top secret documents are accessible to all!

They must be hidden ASAP!

150pts

Task

You must protect this apache web server with authentication!

Configure basic authentication to protect the page

Use these credentials for authenticate

Username: mulder

Password: Scully-th3-b3st!

SSH Access:

Hostname: target....

Username: user

Password: Cool2Pass

Solution

The first thing I did was to make a .htpasswd file for the web page.

With the command sudo htpasswd -c /var/www/.htpasswd mulder

The program in question next asks for a password, which I set as instructed. Next I browsed to the foldercd /etc/apache2/sites-enable/ and opened the file with the editor 000-default.conf.

I then added the following text to the file between <VirtualHost *:80></VirtualHost> tags

<Directory "/var/www/html">
  AuthType Basic
  AuthName "asd"
  AuthUserFile /var/www/.htpasswd
  Require valid-user
</Directory>

I then restarted the apache2 service service apache2 restart

Test logging in with your browser and if everything works, submit the task for evaluation.

Tools

  • htpasswd
  • nano
  • cd
  • service

Flag

No flag available, just set up basic authentication method.

Retrieved from "https://wiki.pessinurmi.com/index.php?title=Top-Secret&oldid=335"