WebApp Sec mailing list archives
Re: NTLM and man-in-the-middle proxies not working
From: lists () dawes za net
Date: Thu, 22 Sep 2005 08:50:02 -0400
Quoting "Amit Klein (AKsecurity)" <aksecurity () hotpop com>:
On 19 Sep 2005 at 10:52, Eoin Keary wrote:I find Burp works well for MITM stuffFrom a private correspondence with Eoin, I understand that he didn't use IE for this test, so this information does not confirm/disprove anything about the phenomenon we discuss in this thread.
For what it is worth as a data point, Michael Silk has had success in the past using WebScarab to proxy SPNEGO authentication. WebScarab did not (and does not currently) set the "Proxy-Support" header mentioned below, so there seems to be some inconsistency here. What happens is that the complete negotiation is visible in WebScarab. i.e. Request -> 401 Unauthorised (with auth schemes) Request (with Negotiate) -> 401 Unauthorised (with a challenge) Request (with Negotiate) -> 200 repeated for each new connection made. Subsequent requests in the same connection SHOULD (I have no evidence either way) not result in the 401's, since it is a connection oriented authentication, rather than request oriented. Here is the user-agent string from the log he showed me: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.40607) Maybe Michael can supply more details? Or maybe someone with access to appropriate client and server environment (Amit?) could perform some tests using WebScarab as their proxy? Regards, Rogan
Current thread:
- NTLM and man-in-the-middle proxies not working raymond_b_jimenez (Sep 14)
- Re: NTLM and man-in-the-middle proxies not working Amit Klein (AKsecurity) (Sep 14)
- <Possible follow-ups>
- Re: NTLM and man-in-the-middle proxies not working raymond_b_jimenez (Sep 15)
- Re: NTLM and man-in-the-middle proxies not working Amit Klein (AKsecurity) (Sep 16)
- Re: NTLM and man-in-the-middle proxies not working Eoin Keary (Sep 19)
- Re: NTLM and man-in-the-middle proxies not working Amit Klein (AKsecurity) (Sep 19)
- Re: NTLM and man-in-the-middle proxies not working Michael Eddington (Sep 20)
- Re: NTLM and man-in-the-middle proxies not working Amit Klein (AKsecurity) (Sep 20)
- Re: NTLM and man-in-the-middle proxies not working Amit Klein (AKsecurity) (Sep 16)
- Re: NTLM and man-in-the-middle proxies not working Amit Klein (AKsecurity) (Sep 21)
- Re: NTLM and man-in-the-middle proxies not working lists (Sep 22)
- Re: NTLM and man-in-the-middle proxies not working Amit Klein (AKsecurity) (Sep 22)
- RE: NTLM and man-in-the-middle proxies not working Ofer Maor (Sep 27)