Top-Secret: Difference between revisions

From Pessin randon wiki
Newer edit →
VisualWikitext
Created page with "===Description=== Management found out that the highly sensitive and top secret documents are accessible to all! They must be hidden ASAP! 150pts ===Task=== You must protect this apache web server with authentication! Configure basic authentication to protect the page Use these credentials for auth: Username: mulder Password: Scully-th3-b3st! SSH Access: Hostname: target.... Username: user Password: Cool2Pass ===Solution=== The first thing I did was to make a..."
 
No edit summary
Line 32: Line 32:


I then added the following text to the file
I then added the following text to the file
<code>
 
<<syntaxhighlight lang="bash">
<Directory "/var/www/html">
<Directory "/var/www/html">
   AuthType Basic
   AuthType Basic
Line 39: Line 40:
   Require valid-user
   Require valid-user
</Directory>.
</Directory>.
</code>
</syntaxhighlight>


I then restarted the apache2 service <code>service apache2 restart</code>
I then restarted the apache2 service <code>service apache2 restart</code>

Revision as of 11:21, 30 September 2022

Description

Management found out that the highly sensitive and top secret documents are accessible to all!

They must be hidden ASAP!

150pts

Task

You must protect this apache web server with authentication!

Configure basic authentication to protect the page

Use these credentials for auth:

Username: mulder

Password: Scully-th3-b3st!


SSH Access:

Hostname: target....

Username: user

Password: Cool2Pass

Solution

The first thing I did was to make a .htpasswd file for the web page.

With the command htpasswd -c /root/.htpasswd mulder

The program in question next asks for a password, which I set as instructed. Next I browsed to the foldercd /etc/apache2/sites-enable/ and opened the file with the editor 000-default.conf.

I then added the following text to the file

<

<Directory "/var/www/html">
  AuthType Basic
  AuthName "asd"
  AuthUserFile /root/.htpasswd
  Require valid-user
</Directory>.

I then restarted the apache2 service service apache2 restart

I then headed to the website again to see if my configuration was successful. Unfortunately, I had broken the whole web page and decided to move on to another task...

Tools

  • htpasswd
  • nano
  • cd
  • service

Flag

Retrieved from "https://wiki.pessinurmi.com/index.php?title=Top-Secret&oldid=308"