routersploit · threat9/routersploit#887

(1 comment) (0 reactions) (0 assignees)Python (11,672 stars) (2,340 forks)batch import

help wanted

Description

[] Running module creds/generic/http_basic_digest_bruteforce... [-] Resource / is not protected by Basic/Digest Auth rsf (HTTP Basic/Digest Bruteforce) > set usernames file: [-] Use Ctrl+D to exit rsf (HTTP Basic/Digest Bruteforce) > set usernames file:///home/donregon/Downloads/rockyou.txt [+] usernames => file:///home/donregon/Downloads/rockyou.txt rsf (HTTP Basic/Digest Bruteforce) > set passwords file:///home/donregon/Downloads/rockyou.txt [+] passwords => file:///home/donregon/Downloads/rockyou.txt rsf (HTTP Basic/Digest Bruteforce) > run [] Running module creds/generic/http_basic_digest_bruteforce... [-] Resource / is not protected by Basic/Digest Auth rsf (HTTP Basic/Digest Bruteforce) >

Contributor guide

Tech stack: pythonshell
Domain: securitycli
Issue type: bug
Difficulty: 3
Estimated time: 1-3 hours
Activity status: fresh
Clarity: unclear
Prerequisites: Basic PythonUnderstanding of HTTP Basic/Digest Auth
Newbie friendliness: 20
Research direction: The issue reporter pastes terminal output from running the http basic digest bruteforce module, which repeatedly reports that the target resource is not protected, even after setting usernames and passwords files. The root cause might be in how the module checks for authentication or how the target endpoint is probed. Investigate the module source code at routersploit/creds/generic/http basic digest bruteforce.py and related authentication detection logic. Reproduce with a known test server. Determine if the issue is a false negative or a configuration error.