You will probably find this issue during the manual browsing and spidering phase of your assessment, but Nikto and Nessus will also report it during the scanning phase. The tell-tale signs are a 401 response carrying a WWW-Authenticate: Basic header from a plain http:// URL, and, once the user logs in, an Authorization: Basic header holding the base64-encoded user:password on every subsequent request.
Intercepting web proxy output: the 401 Unauthorized response with its WWW-Authenticate: Basic realm="..." header, followed by the browser's request carrying Authorization: Basic <base64 of user:password>.
Pop-up in your browser: the browser's native credential prompt, naming the realm from the challenge.
Nikto output
Indication of a login (the path and realm that require Basic authentication):
+ / - Requires Authentication for realm
Nessus Output
Web Server Uses Basic Authentication Without HTTPS
Plugin ID: 34850
Description
The remote web server contains web pages that are protected by 'Basic' authentication over cleartext HTTP.
An attacker eavesdropping on the traffic can obtain the logins and passwords of valid users.
Solution
Make sure that HTTP authentication is transmitted over HTTPS.
Report
Include the following information in the final report:
- Name of the Website or WebApplication
- A sample request and response (the 401 challenge and the request carrying the Authorization header)
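The following is an added example, not code from the original page or from Nikto or Nessus: it reproduces the two checks above offline. Given a captured 401 response and the URL it came from, it decides whether the target serves a Basic challenge over cleartext (the condition Nessus plugin 34850 fires on), and, given the follow-up request, it recovers the user name and password exactly as an eavesdropper on the wire would. The host name, realm, path and credentials are constructed sample data, not from any real target.

```python
import base64
from urllib.parse import urlsplit

# Constructed sample traffic (assumed host, realm and credentials; not a real capture).
SAMPLE_URL = "http://intranet.example.test/admin/"

SAMPLE_RESPONSE = (
    "HTTP/1.1 401 Unauthorized\r\n"
    "Server: Apache\r\n"
    'WWW-Authenticate: Basic realm="Restricted Area"\r\n'
    "Content-Length: 0\r\n"
    "\r\n"
)

# Authorization value is base64("admin:P@ssw0rd!"), the sample user's login.
SAMPLE_REQUEST = (
    "GET /admin/ HTTP/1.1\r\n"
    "Host: intranet.example.test\r\n"
    "Authorization: Basic YWRtaW46UEBzc3cwcmQh\r\n"
    "\r\n"
)


def parse_headers(raw):
    """Split a raw HTTP message into (start line, {lower-cased name: value})."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def basic_realm(headers):
    """Return the realm if the server challenges with Basic auth, else None.

    A Basic challenge without a realm parameter returns an empty string.
    """
    challenge = headers.get("www-authenticate")
    if challenge is None:
        return None
    scheme, _, params = challenge.partition(" ")
    if scheme.lower() != "basic":
        return None
    for param in params.split(","):
        name, _, value = param.strip().partition("=")
        if name.strip().lower() == "realm":
            return value.strip().strip('"')
    return ""


def is_basic_over_cleartext(url, raw_response):
    """True when the URL is plain http:// and the response demands Basic auth.

    This is the condition behind the Nessus finding: the challenge itself is
    harmless over HTTPS, so the scheme of the URL that served it decides.
    """
    scheme = urlsplit(url).scheme.lower()
    start_line, headers = parse_headers(raw_response)
    parts = start_line.split(" ")
    status = parts[1] if len(parts) > 1 else ""
    return scheme == "http" and status == "401" and basic_realm(headers) is not None


def decode_basic_credentials(raw_request):
    """Recover (user, password) from an Authorization: Basic header.

    Basic auth is only base64, not encryption, so anyone who can read the
    cleartext request gets the credentials back with one decode.
    """
    _, headers = parse_headers(raw_request)
    scheme, _, token = headers.get("authorization", "").partition(" ")
    if scheme.lower() != "basic":
        return None
    decoded = base64.b64decode(token).decode("utf-8", errors="replace")
    user, _, password = decoded.partition(":")
    return user, password


def report_evidence(url, raw_response, raw_request):
    """Collect what the Report section asks for: site, realm, sample request/response."""
    _, headers = parse_headers(raw_response)
    return {
        "site": urlsplit(url).netloc,
        "realm": basic_realm(headers),
        "cleartext": is_basic_over_cleartext(url, raw_response),
        "sample_response": raw_response,
        "sample_request": raw_request,
    }


if __name__ == "__main__":
    evidence = report_evidence(SAMPLE_URL, SAMPLE_RESPONSE, SAMPLE_REQUEST)
    print("Basic auth over cleartext:", evidence["cleartext"], "realm:", evidence["realm"])
    print("Credentials visible on the wire:", decode_basic_credentials(SAMPLE_REQUEST))
```

Two points to keep in mind when using a check like this. Pass the URL that actually served the 401, not the one you first requested: a site that redirects http:// to https:// before challenging is not affected, while one that challenges on http:// and only later redirects is. And moving the realm to HTTPS removes the eavesdropping problem this finding is about, but Basic auth still re-sends the base64-encoded credentials on every request, so the TLS configuration of that HTTPS endpoint (see the transport layer references below) becomes the next thing to verify.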
References
- https://www.owasp.org/index.php/Basic_Authentication
- https://www.owasp.org/index.php/Authentication_Cheat_Sheet
- https://www.owasp.org/index.php/SSL_Best_Practices
- https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet
- https://www.owasp.org/index.php/Testing_for_Weak_SSL/TLS_Ciphers,_Insufficient_Transport_Layer_Protection_(OTG-CRYPST-001)