WebApp Sec mailing list archives
Re: NTLM and man-in-the-middle proxies not working
From: "Amit Klein (AKsecurity)" <aksecurity () hotpop com>
Date: Tue, 04 Oct 2005 16:39:44 +0200
On 3 Oct 2005 at 19:32, raymond_b_jimenez () yahoo com wrote:
From the tests I've done last week, I can confirm that Burp Proxy effectively deals with the NTLM authentication problem.
From what I understand from Ofer Maor's submission
(http://www.securityfocus.com/archive/107/411767/30/0/threaded), Burp does so by doing the NTLM authentication ITSELF! i.e. the browser doesn't see the challenge and doesn't send the response. Indeed, this there is a configuration option in Burp to do just so (in the "comms" tab, there's a section called "do www authentication", one of the pulldown options for type is "NTLM"). What is more interesting is that even without fixing the NTLM credentials, the browser works with NTLM authentication. Interesting. Perhaps you have the "prompt for credentials on authentication failure" option turned on by any chance (I think by default it's off, but perhaps you toyed with it?). In such case, Burp (not IE) will pop-up an authentication window asking for the details at runtime (or should I say "browse-time"). -Amit
Current thread:
- Re: NTLM and man-in-the-middle proxies not working raymond_b_jimenez (Oct 03)
- Re: NTLM and man-in-the-middle proxies not working Amit Klein (AKsecurity) (Oct 04)