wget

manox · 09-23-2011, 11:41 AM

*********************

TB0ne · 09-23-2011, 11:57 AM

Quote:

Originally Posted by manox

I'm just downloading database from this site by using wget

Code:

"http://bork.eircom.net:8000/cgi-bin/select_email.cgi?action=v_email&customer_id=&username=*&first_name=&second_name=" -P "D:\" -c --http-user="myusername1" --http-pass="mypassword1" --proxy-user="myusername2" --proxy-pass="mypassword2"

and I'm getting this error

Ok...did you try to read/understand the error message???

Code:

http://bork.eircom.net:8000/cgi-bin/...=&second_name=
Resolving bork.eircom.net... 159.134.118.77, 159.134.118.76
Connecting to bork.eircom.net|159.134.118.77|:8000... connected.
HTTP request sent, awaiting response... 401 Authorization Required
Authorization failed.

Your user ID/password has failed. Try using just "--user" and "--password", check the id/password, and see if you can omit the -P directive.

Are you using wget in a script or on command line?? And do you have permission from the site owner to download their databases?

manox · 09-23-2011, 12:00 PM

*********************

TB0ne · 09-23-2011, 02:41 PM

Quote:

Originally Posted by manox

sure and I have doublechacked my usernames and Passwords they seems to be correct
I'm running this on work wondows xp machine so using portable wget fro windows I do have access to this database
and no looking forward to get ask for permissions to download it

Well, not sure since you're having a problem with a Windows program...check the options on it, and again, try without the -P option, and the --user/--password instead of specifying the --http* options. And you first say that you DO have access to this database...then say that there's "no looking forward" (??) to ask permission to download it. What does that mean?? You are either allowed to copy the database or you're not....can't be both.

Quote:

when I enter * symbol to username field database responds with all usernames so I want to just store them locally on my machine

Ok...so store them. If you can download it, then do so.

A.Thyssen · 09-25-2011, 06:25 PM

A little off the topic, but extremely important no the less.

Also I would be very wary of sending any password as part of the URL.
I would be doubly wary of sending any password or confidential information a unencrypted communications link such as HTTP. Anything that needs a password should be used HTTPS as a minimum.

manox · 10-01-2011, 06:04 AM

I have checked the permissions and it seems to be all ok . This was just penetration test of the network because it seems to be problem with security on it which I have already reported and no one has done anything with it.