Testing all substrings of a password for basic auth with curl
- 21 Jul 2017: Post was created (diff)
I had to test a substring of a password for a weird authentication issue with a local client
$ pw=K8ZUCmecnQU5o84mHPCnNsAKS4EdONbsJDcV
$ i=32; while true; do url="http://admin:${pw:0:$i}@10.3.2.30/"; curl -f -s -w '%{http_code}' $url; i=$((i - 1)); echo -e "\n$url"; read; done
So with this script I press enter until I see a HTTP 200, then use that URL for logging in via a browser.
If you have any comments or feedback, please send me an e-mail. (stig at stigok dotcom).
Did you find any typos, incorrect information, or have something to add? Then please propose a change to this post.