HTTP Authentication

Himanshu Gupta's Avatar

Himanshu Gupta

28 Jun, 2013 07:31 AM

Hi,

My website has a HTTP Authentication. As soon as a URL is entered in the browser, it gives a pop-up window to enter the username and password and only upon successful authentication it continues the user to land on the website.

How can I handle this authentication if I want to perform a security scan using Arachni through command line interface. I visited the website and found that the tool supports Site authentication (Automated form-based, Cookie-Jar, Basic-Digest, NTLM and others), as given under the Feature list. But I could not found the appropriate command / syntax to do the same.

Would really appreciate any help and suggestions on this.

  1. Support Staff 1 Posted by Tasos Laskos on 28 Jun, 2013 11:18 AM

    Tasos Laskos's Avatar

    The way to do this is to pass the credentials in the URL, like so:

    http://user:[email blocked]/blah/
    

    Let me know if you need more help.

    Cheers

  2. Tasos Laskos closed this discussion on 28 Jun, 2013 11:18 AM.

  3. Tasos Laskos re-opened this discussion on 28 Jun, 2013 11:21 AM

  4. Support Staff 2 Posted by Tasos Laskos on 28 Jun, 2013 11:21 AM

    Tasos Laskos's Avatar

    I'm sorry, the system erroneously thinks that I'm posting an e-mail. See the question of this thread for the way to pass the credentials in the URL.

  5. Tasos Laskos closed this discussion on 28 Jun, 2013 11:21 AM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac