You will notice that the server is using HTTP authentication(used by apache servers).The folder in apache are secured by two files namely .htpasswd and .htconf - the password and configuration file.You need to get the hash in the password file which will then be cracked by JTR.Enough clue..eh?
Type this in the addressbar :" http://www.hackthissite.org/missions/realistic/7/showimages.php?file=images/admin/.htpasswd " and you will se a little square with to vertical lines. Right click on the left vertical line and then copy the link. In firefox, you can just click on properties, but I don't know about other browsers.
You will then have to paste this into a txt file. Time to bruteforce it using John The Ripper.
Save what you copied in the run directory of the john the ripper program. Lets say we save this file as pass.txt. You then have to open the command promt and direct yourself into the run directory. You will have to use the command:" john-386 --show pass.txt ". It will look something like this:
This was on a windows computer.