2

I am trying to access httpbin.org with basic authentication. I must enter a username and a password. Using telnet in the command terminal(linux) I execute at least :

telnet httpbin.org 80 
HEAD /basic-auth/user/passwd HTTP/1.1

It gives a 401 status code (unauthorized).

I want to now somehow access it using a username and a password (in Base64, entered as username:password). In what way do I do this? I've tried (after 401 status code)

HEAD /username:password HTTP/1.1

(but this gives a 404 status code)

Improve this question
1
  • You need to take the string of "username:password" and base64-encode it, and send that encoded string in a header: Authorization Basic <base64-encoded-credentials> Commented Nov 12, 2015 at 21:27

1 Answer 1

Reset to default
8

HTTP Basic Authentication uses base-64 encoding of the username and password together. For a username testuser and a password of hunter2, you would take the string testuser:hunter2 and base64-encode that. That will give you the string dGVzdHVzZXI6aHVudGVyMg==

How, you ask, do you get that encoding? Most POSIX systems have openssl installed, in which case you can use the output of echo -n "testuser:hunter2" | openssl base64 -base64. The -n is hyper-important, otherwise you'll also be including a newline in the encoding, which will give you an incorrect encoded string (as the password does not end with a newline character generally).

You can then transact via telnet thusly:

telnet hostname.example.com 80
GET / HTTP/1.1
Authorization: Basic dGVzdHVzZXI6aHVudGVyMg==
Improve this answer
3
  • If you're not in a POSIX space, there's a Windows program available from Microsoft that will do base64 encoding/decoding: support.microsoft.com/en-us/kb/191239 Commented Nov 12, 2015 at 21:54
  • Thank you, the base 64 converting worked well. I have a problem entering the password in the authorization header. Using your format Authorization: Basic user:passwordinbase64 isn't working for me. When you access the website in a browser with the URL httpbin.org/basic-auth/user/passwd, it requests a username and password, but URL httpbin.org doesn't. Using telnet, how and where do I enter the username and password spefically, so I can get access to page in my command line where I would get access to in a web browser? Commented Nov 12, 2015 at 23:27
  • (User) and : and (password) all get base64-encoded; that encoded result goes in the Authorization line. Commented Nov 12, 2015 at 23:43

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.