UGN Security
Posted By: Gremelin Brute Forcing .htaccess - 06/29/03 06:02 PM
Ok, I'm getting tired of seeing "How do I hack into a secure site". First off, the majority of "secure" sites use .htaccess for their authentication. In other words, if you see a little box pop up that says "password" and "username", chances are it's .htaccess and .htpasswd that are blocking your way.

Now, how .htaccess looks is as follows:
Code
AuthUserFile /var/www/html/members/.htpasswd
AuthName "Paid Member"
AuthType Basic

<Limit GET POST>
require valid-user
</Limit>
See that, pretty basic 'eh? And I'll bet you that the majority of 'em look the same way too...

Now, the .htpasswd file looks totally different: the passwords are encrypted, the username is not...

Code
gizmo:gikZbrq7ZFQJ.
gizzy:gieKOUmNNB7go
giz:giL8X53UiINbs
neo:nenIgi4UdbW.M
weeve:we7dyaNzlm.Ag
newbies:neZgxh60ynKGU
See, the thing is, you don't need either of the two files to brute force a thing... They're just given here as an example of how things work (when you learn, that's how you learn, otherwise you get left behind).

Now, there's really only a couple of things you need...
1. A couple of proxy servers (if you want to remain anonymous)...
2. A brute force program (We recommend www.accessdiver.com for all of your Brute Force needs)...
3. A members URL which uses .htaccess (for example: http://www.yourvictem.com/members/ )
4. A wordlist (you're on your own there, my wordlist is my baby).

Basically, in AD you load your wordlist, load your proxies, drop in your URL, click standard. After many hours of grueling work, if you have a good wordlist, you'll have a user/pass...
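From the defending side, an added example that is not part of the original post: a detection sketch that counts 401 responses per protected path rather than per client IP, so wordlist guessing spread across proxies still shows up. It assumes Apache Common/Combined Log Format with the attempted username in the user field; the function name, threshold, usernames and sample log lines are constructed for illustration.

```python
import re
from collections import Counter

# Common/Combined Log Format prefix: host ident user [time] "request" status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})\b'
)

def summarize_auth_failures(lines, prefix="/members/", threshold=5):
    """Aggregate 401 responses under one protected prefix.

    Counting per protected area instead of per client IP keeps the signal
    visible when guesses are spread across many proxies.
    """
    per_ip, users = Counter(), set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["status"] != "401" or not m["path"].startswith(prefix):
            continue
        per_ip[m["ip"]] += 1
        if m["user"] != "-":  # "-" means no credentials were sent
            users.add(m["user"])
    total = sum(per_ip.values())
    return {
        "failures": total,
        "sources": len(per_ip),
        "max_per_source": max(per_ip.values(), default=0),
        "usernames_tried": len(users),
        "flagged": total >= threshold,
    }

# Constructed sample: documentation IP ranges and hypothetical usernames.
ROWS = [("192.0.2.10", "alice", 401), ("198.51.100.7", "alice", 401),
        ("203.0.113.5", "bob", 401), ("192.0.2.10", "bob", 401),
        ("198.51.100.7", "carol", 401), ("203.0.113.5", "carol", 401),
        ("192.0.2.99", "dave", 200)]
SAMPLE = [
    f'{ip} - {user} [29/Jun/2003:18:02:{i:02d} +0000] '
    f'"GET /members/ HTTP/1.0" {status} 512'
    for i, (ip, user, status) in enumerate(ROWS)
]

if __name__ == "__main__":
    print(summarize_auth_failures(SAMPLE))
```

In the sample, no single source exceeds two failures, so a per-IP limit of five would stay silent while the per-path total of six is flagged.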
Posted By: Ghost Re: Brute Forcing .htaccess - 06/29/03 10:56 PM
How would you go about requesting these files?
Posted By: Gremelin Re: Brute Forcing .htaccess - 06/30/03 12:37 AM
you're pretty much on your own there... We'll teach you to do some stuff but we won't hold your hand while you piss...
Posted By: Crime Re: Brute Forcing .htaccess - 06/30/03 02:47 PM
*cough* http://members.aol.com/nast0/ *cough*
Posted By: Ghost Re: Brute Forcing .htaccess - 07/02/03 04:52 AM
ahem thanx ahem
© UGN Security Forum