Cryptography and Encoding
More was written about this in the first CTF course, but long story short:
- Don't try to decrypt HTTPS traffic
- If the challenge says there is custom crypto, it's probably the thing you are supposed to attack
- Most things are base64'd in web
- URL encoding goes in the URL
Basic Access Authentication
Basic access authentication is a method for an HTTP user agent (e.g. a web browser) to provide a user name and password when making a request. In basic HTTP authentication, a request contains a header field in the form of Authorization: Basic
Digest Access Authentication
Applies a hash function to the username and password before sending them over the network. If this is properly setup you won't break it.
Anything else using HTTPS is going to not be breakable.