Basic Authentication

Basic Authentication is a simple authentication scheme built into the HTTP protocol, in which the client sends Base64-encoded credentials (username and password, joined as username:password) in the Authorization header of an HTTP request.

When accessing a secure web page, the browser sends a request with the header Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=, where dXNlcm5hbWU6cGFzc3dvcmQ= is the Base64-encoded string of username:password.

# Example of Basic Authentication in Python

import requests
from requests.auth import HTTPBasicAuth

# URL of the server
url = 'https://navidnaf.com/'

# Credentials
username = 'myUsername'
password = 'myPassword'

# Create a session to capture request headers
session = requests.Session()

# Prepare the request with Basic Authentication
request = requests.Request('GET', url, auth=HTTPBasicAuth(username, password))
prepared_request = session.prepare_request(request)

# Send the request
response = session.send(prepared_request)

# Print the request headers
print("Request Headers:")
for key, value in prepared_request.headers.items():
    print(f"{key}: {value}")

# Print the response headers
print("\nResponse Headers:")
for key, value in response.headers.items():
    print(f"{key}: {value}")

# Print the response content
print("\nResponse Content:")
print(response.text)

This code creates a session to capture the request headers, prepares the request with Basic Authentication, and then sends the request. It prints out both the request headers and the response headers, as well as the response content.

This authentication system is also known as HTTP Authentication. HTTP provides a general framework for access control and authentication.

Deep Dive

The challenge and response flow works like this:

  1. Usually a client will present a password prompt to the user and will then issue the request including the correct Authorization header.

Authentication Schemes

The general HTTP authentication framework is the base for a number of authentication schemes.

| Authentication Scheme | What it is |
| --- | --- |
| Basic | Uses base64-encoded credentials for simple username and password authentication. |
| Bearer | Uses bearer tokens, which are opaque tokens used to access OAuth 2.0-protected resources. |
| Digest | Uses hashed credentials for more secure authentication, supporting SHA-256 and MD5 hashing (MD5 is not recommended). |
| HOBA | Uses digital signatures to authenticate, ensuring that the request originates from a specific client. |
| Mutual | Involves both client and server authenticating each other to establish a trusted connection. |
| Negotiate/NTLM | Uses a negotiation mechanism to select the authentication protocol, often used in Windows environments. |
| VAPID | Authorizes push notifications by proving ownership of the server sending the notifications. |
| SCRAM | Enhances password-based authentication by using a challenge-response mechanism with salted passwords. |
| AWS4-HMAC-SHA256 | A secure authentication method for AWS services, using keyed-hash message authentication with SHA-256. |

The "Basic" authentication scheme offers very poor security, but is widely supported and easy to set up.

As the user ID and password are passed over the network as clear text (the header is Base64-encoded, but Base64 is a reversible encoding, not encryption), the basic authentication scheme is not secure on its own. HTTPS/TLS should always be used with basic authentication. Without that transport protection, basic authentication should not be used to protect sensitive or valuable information.
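The challenge-and-response flow and the "Base64 is reversible" point, shown as one worked example in Python. This is added code, not the page's own: it builds the Authorization header on the client side, decodes it on the server side, and returns the 401 (with a WWW-Authenticate challenge), 403 and 200 outcomes the page describes. The realm name, the user records and the PBKDF2 iteration count are assumptions made up for the example; the stored-hash and constant-time comparison are a defender's choice, not part of the Basic scheme itself.

```python
import base64
import hashlib
import hmac
import os
from typing import Dict, Optional, Set, Tuple

# Assumptions for this example: the realm name is invented, user records are
# constructed inline, and the PBKDF2 iteration count is kept modest for speed.
REALM = "example-realm"
PBKDF2_ROUNDS = 100_000

Verifier = Tuple[bytes, bytes]  # (salt, PBKDF2 digest) stored per user


def basic_authorization_header(username: str, password: str) -> str:
    """Client side: build the Authorization value. Base64 is an encoding,
    not encryption, so anyone who sees the request can read the password."""
    if ":" in username:
        raise ValueError("Basic user IDs cannot contain ':' (RFC 7617)")
    token = base64.b64encode(f"{username}:{password}".encode("utf-8")).decode("ascii")
    return f"Basic {token}"


def decode_basic_credentials(header_value: str) -> Optional[Tuple[str, str]]:
    """Server side: parse 'Basic <base64>' into (user, password), or None if
    the header is absent, malformed, or uses a different scheme."""
    scheme, _, token = header_value.strip().partition(" ")
    if scheme.lower() != "basic" or not token.strip():
        return None
    try:
        raw = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    user, sep, password = raw.partition(":")
    return (user, password) if sep else None


def make_verifier(password: str) -> Verifier:
    """Store a salted PBKDF2-SHA256 digest instead of the clear-text password."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def check_password(password: str, verifier: Verifier) -> bool:
    salt, expected = verifier
    actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(actual, expected)  # constant-time comparison


# Used for unknown users so a failed lookup costs the same time as a real check.
DUMMY_VERIFIER = make_verifier("placeholder-never-matches")


def handle_request(headers: Dict[str, str], users: Dict[str, Verifier],
                   allowed: Set[str]) -> Tuple[int, Dict[str, str]]:
    """Apply the RFC 7235 flow to one request; return (status, response headers).
    401 carries a WWW-Authenticate challenge and invites a retry; 403 does not."""
    challenge = {"WWW-Authenticate": f'Basic realm="{REALM}", charset="UTF-8"'}
    # HTTP header names are case-insensitive
    auth = next((v for k, v in headers.items() if k.lower() == "authorization"), "")
    creds = decode_basic_credentials(auth)
    if creds is None:
        return 401, challenge          # no usable credentials: challenge the client
    user, password = creds
    valid = check_password(password, users.get(user, DUMMY_VERIFIER)) and user in users
    if not valid:
        return 401, challenge          # wrong credentials: client may try again
    if user not in allowed:
        return 403, {}                 # authenticated but not authorized: no retry
    return 200, {}


if __name__ == "__main__":
    users = {"alice": make_verifier("correct horse"), "bob": make_verifier("hunter2")}
    allowed = {"alice"}
    for label, hdrs in [
        ("no header", {}),
        ("bad password", {"Authorization": basic_authorization_header("alice", "wrong")}),
        ("bob (not allowed)", {"authorization": basic_authorization_header("bob", "hunter2")}),
        ("alice", {"Authorization": basic_authorization_header("alice", "correct horse")}),
    ]:
        status, resp = handle_request(hdrs, users, allowed)
        print(f"{label:18s} -> {status} {resp}")
    # the page's sample header decodes straight back to the credentials
    print(decode_basic_credentials("Basic dXNlcm5hbWU6cGFzc3dvcmQ="))
```

Running the block prints one line per case and finally `('username', 'password')` for the page's own sample header, which is the whole point about Base64: decoding needs no key. The server never compares passwords directly; it compares PBKDF2 digests with hmac.compare_digest and runs the hash even for unknown user IDs, so response time does not reveal which usernames exist.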


Reference for the below contents: https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication

RFC 7235 defines the HTTP authentication framework, which can be used by a server to challenge a client request, and by a client to provide authentication information.

The server responds to a client with a 401 (Unauthorized) response status and provides information on how to authorize with a WWW-Authenticate response header containing at least one challenge.

A client that wants to authenticate itself with the server can then do so by including an Authorization request header with the credentials.

If a (proxy) server receives invalid credentials, it should respond with a 401 Unauthorized or with a 407 Proxy Authentication Required, and the user may send a new request or replace the Authorization header field.

If a (proxy) server receives valid credentials that are inadequate to access a given resource, the server should respond with the 403 Forbidden status code. Unlike 401 Unauthorized or 407 Proxy Authentication Required, authentication is impossible for this user and browsers will not propose a new attempt.

The Authorization and Proxy-Authorization request headers contain the credentials to authenticate a user agent with a (proxy) server. Here, the <type> is needed again, followed by the credentials, which can be encoded or encrypted depending on which authentication scheme is used.

IANA maintains a list of authentication schemes, but there are other schemes offered by host services, such as Amazon AWS.

Ref: (https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication#basic_authentication_scheme)

[Figure: Authorization Header denoting Basic Authentication]
[Figure: HTTP Authentication]