I didn't see the original message, but "basic authentication", depending on with what, is done with hmac-sha1 or hmac-md5, which technically is not encryption, but a "one way hash", it can be "decrypted", but tends to be A LOT of work and is not a one-on-one "process" or result. typically it depends on the mechanism. Onvif for example uses a client generated "nonce", a date string and password. using hmac-sha1 (the a special case of hmac-sha1) if not mistaken TLS uses the same mechanism. other "mechanisms" (used in simple routers and smart devices), the device sends out a key, which is used to hash (one way hash) similar things (date, public key, password) with hmac-md5.
So theoretically you can reverse engineer (or crack) it, but it is not trivial. (if it were it would be pretty worthless).
Most of these device also accept the password in clear text, so for testing/debugging purposes you could have the server you built, accept it in clear text for debugging.
On Thu, May 9, 2019 at 12:13 PM Michael MacIntosh <[hidden email]> wrote:
If you are using basic authentication, it should be under the
Digest Authentication is going to be harder to get the password from.