Backdoor SdsLabs Write Up – secret area

Screenshot (178)

This challenge is a very interesting one. Now first of all what is .htaccess ?

Well, .htaccess is a configuration file for use on web servers running the Apache Web Server software.

Let’s go to the area.

Screenshot (179).png

Okay, we need a username and a password.

For continuing this article I would recommend you to read the following article

http://www.htaccess-guide.com/password-protection/

If you are too lazy to read that article just go through the following para.

The password protection and authentication systems offered by the Apache Web Server are probably the most important use of .htaccess files. Very easily, we can password protect a directory (or multiple) of a web site which requires a username and password to access. The login details are encrypted and then located in the other file the location of which is in the .htaccess file. So let’s find the .htaccess.

First let’s see the source code

Screenshot (184).png

Hmm….So there is a folder named secure.

Let’s try something like this Screenshot (183).png

Naah…Let’s look for the file in secure folder

Screenshot (180)

Yeahhhh…….So now we know that the AuthUserFile is located in secure/.htpasswd . Let’s open it .

Screenshot (181).png

Well , this looks like it is encrypted. Let’s decrypt it !!

The easiest and the most famous tool for the above purpose is John-The Ripper.  You can download it in Windows or Linux.  The commands are same so there is no need to worry about that. Now , the first thing you need to do is to create a Notepad file with any name (I have named it hashes.txt) and then put the encrypted text in the file and then save it in the same folder as of john and then open the command window in that folder (Shift + Right Click > Open Command Window here)

Screenshot (182)

Okay so it looks like username is vampire and password is blood . Here you go now you can get the flag.

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s