WebApp Sec mailing list archives
Re: HTTP sniffer for Digest Authentication?
From: Saqib.N.Ali () seagate com
Date: Mon, 20 Sep 2004 21:45:01 -0700
If I remember correctly Colasoft's ( http://www.colasoft.com ) can capture the MD5 digest for authentication for HTTP traffic, and display them in a nice format.

However I am not sure how you plan to use this Digest to replay an attack. Usually the webservers use a "nonce" to calculate the MD5 digest for digest authentication, which makes replaying an attack, using a sniffed digest, virtually impossible. The nonce is different each time a 401 challenge is issued, thus making the digest different each time.

Thanks.
Saqib Ali
http://validate.sf.net

Ivan Ristic <ivanr () webkreator com> wrote on 09/20/2004 11:04:43 AM:

> Does anyone know of a tool that automates Digest authentication
> sniffing? Or performs any other related activity (e.g. uses the
> sniffed hash to authenticate against the web server)?
>
> --
> ModSecurity (http://www.modsecurity.org)
> [ Open source IDS for Web applications ]