Penetration Testing mailing list archives

Re: MS crypto API based ssl proxy??

From: "Volker Tanger" <volker.tanger () discon de>
Date: Tue, 6 Jan 2004 17:13:13 +0100

Greetings!

On Tue, 06 Jan 2004 08:33:53 +0400 Shashank Rai
<shashrai () emirates net ae> wrote:

I am testing a web-site running on MS technology. The site requires
the client to authenticate using a user certificate.
The issues i am facing is that the way site has been designed it only
accepts request from IE (based on MS IIS SSL).


It maybe uses the Micro$oft NTLM authentication scheme - or similar.
What does a packet sniffer tell you, what happens?

Bye

Volker Tanger
ITK-Security

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

MS crypto API based ssl proxy?? Shashank Rai (Jan 06)
- Re: MS crypto API based ssl proxy?? Volker Tanger (Jan 06)
  - Re: MS crypto API based ssl proxy?? Shashank Rai (Jan 07)
- <Possible follow-ups>
- RE: MS crypto API based ssl proxy?? Shashank Rai (Jan 07)
  - Re: MS crypto API based ssl proxy?? Shade (Jan 07)
- RE: MS crypto API based ssl proxy?? Brewis, Mark (Jan 07)
- RE: MS crypto API based ssl proxy?? Gaziel, Avishay (Jan 07)