Nmap Development mailing list archives
Re: NCat Proxy Support - Proxy-Authenticate
From: Florian Roth <Neo.X () web de>
Date: Thu, 02 Dec 2010 15:11:50 +0100
Hi David, I updated to Release 21228 and compiled the code on Windows 7 with Visual C++ 2010. The problem still persists: ================================ Command Line ================================ D:\ncat-win32>ncat.exe --version Ncat: Version 5.36TEST2 ( http://nmap.org/ncat ) D:\ncat-win32>ncat.exe -vvv --ssl --proxy 10.57.0.17:8080 --proxy-auth username:password 87.106.48.120 443 NCAT DEBUG: Not doing certificate verification. NCAT DEBUG: Proxy returned status code 407. Ncat: Error getting Proxy-Authenticate challenge. ================================ Wireshark Sniff ================================ CONNECT 87.106.48.120:443 HTTP/1.0 ================================ HTTP/1.1 407 Proxy Authentication Required Proxy-Authenticate: NEGOTIATE Proxy-Authenticate: NTLM Proxy-Authenticate: BASIC realm="Internet-Zugang" Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Proxy-Connection: close Set-Cookie: BCSI-CS-52CCC83553E6B543=2; Path=/ Connection: close Content-Length: 954 ================================= Any ideas? I'll check your code again. Regards, Florian On Tue, 2010-11-30 at 01:05 -0800, David Fifield wrote:
On Fri, Nov 26, 2010 at 04:12:56PM +0100, Florian Roth wrote:My NCat Proxy authentication fails due to a proxy server issue caused by a authentication string in ALL CAPS. /* HTTP HEADER of proxy response*/ Proxy-Authenticate: NEGOTIATE Proxy-Authenticate: NTLM Proxy-Authenticate: BASIC realm="Company Internet Access" I guess that the string compare should be case insensitive. I'm not sure if that fixes the issue.You are right about that. RFC 2616 says, "Quotation marks surround literal text. Unless stated otherwise, the text is case-insensitive." I changed the comparisons to be case-insensitive. If you are compiling from source, you can try r21227. David Fifield
-- Sincerely Saludos cordiales Mit freundlichen Grüßen Florian Roth Tel: +49 06251 - 827 9402 Mobil: +49 175 - 7240 363 Fax: +49 12125 - 11699510 eMail: Florian.Roth () email de _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- NCat Proxy Support Florian Roth (Nov 26)
- NCat Proxy Support - Proxy-Authenticate Florian Roth (Nov 26)
- Re: NCat Proxy Support - Proxy-Authenticate David Fifield (Nov 30)
- Re: NCat Proxy Support - Proxy-Authenticate Florian Roth (Dec 02)
- Re: NCat Proxy Support - Proxy-Authenticate Florian Roth (Dec 02)
- Re: NCat Proxy Support - Proxy-Authenticate Florian Roth (Dec 02)
- Re: NCat Proxy Support - Proxy-Authenticate David Fifield (Dec 04)
- Re: NCat Proxy Support - Proxy-Authenticate Florian Roth (Dec 06)
- Re: NCat Proxy Support - Proxy-Authenticate David Fifield (Dec 29)
- Re: NCat Proxy Support - Proxy-Authenticate David Fifield (Nov 30)
- NCat Proxy Support - Proxy-Authenticate Florian Roth (Nov 26)
- Re: NCat Proxy Support - Proxy-Authenticate David Fifield (Dec 02)