[Owasp-testing] Wget Authenticated Session

chr1x chr1x at sectester.net
Tue Dec 15 09:11:52 EST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Hi Zaki,

If you mean in how you can get authenticated to a web application, you
can simply use the following command.

wget --http-user=USER --http-passwd=PASSWORD in case that your webapp
is using Apache Basic authentication.

As raùl pointed in other mail, the use of the flag: --header "Cookie:
name=value" should work as well.

In my case, I used Paros Proxy in order to crawl a website once I'm
authenticated.

Cheers!

chr1x

- ---
[CubilFelino Security Research Lab] http://chr1x.sectester.net
The computer security is an art form. It's the ultimate martial art."
New Forum at: http://www.sectester.net. Share your knowledge!



Zaki Akhmad escribió:
> Hello,
>
> Is there a way so that I can wget authenticated session? I want to
> spidering page after successfully authenticated.
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
 
iQEcBAEBAgAGBQJLJ5koAAoJEENUkd83ZfT4358IAMSeucmVXtVA4e0rQQFusVL3
M4+ejlnMfj+SzQuVFz6zqXLnCK4S5owO151HK59GUdYnp4fcG6ulRYnveRPAUzi9
pwKDOtOlww088VMv5hsdTbH1xREyulYdCWuX0/aspgIAdR/tDIyqsT1uALe8WG5i
Ae5GO7/MrW3u7U4+yIQSwAFG8C9n8iKbbYyrzGkQa8FPhg7PL6jBPTTQjE5023Zf
GJs+EMk/mRomze34ca/N20jRJomBtCogcSivfHWa+Lo4Cm5QRjPVsQyKWKBl/9MB
NnKQHwXV2YKjKtBcWc8n+kNg/9f4JckuOYGEl1+zJ75ndyuCvkr+tB6/pc6ayr0=
=AeE7
-----END PGP SIGNATURE-----



More information about the Owasp-testing mailing list