Re: IIS 5.0 with Integrated Window Authentication

From: Dave Aitel (dave@immunitysec.com)
Date: 11/07/02


Date: Thu, 7 Nov 2002 14:35:23 -0500
From: Dave Aitel <dave@immunitysec.com>
To: Sebastian Flothow <sebastian@flothow.de>

Hmm. My basterdized SPIKE Proxy NTLM auth does, in fact, work through
the proxy though.

Client->SPIKE Proxy->Server

Where Client is sending Proxy-Authorization, and SPIKE Proxy is
translating that into Authorization: and sending it to the server and so
on. I get access on IIS 5.0, at least.

-dave

On Wed, 6 Nov 2002 23:27:54 +0100
Sebastian Flothow <sebastian@flothow.de> wrote:

> > The goofy three-message exchange that sets up the NTLM security
> > doesn't seem to make it through the proxy,
>
> AFAIK, NTLM _can_ _not_ work through proxies, by design. It seems it
> includes the client's IP address, which then doesn't match that of the
>
> proxy (which is the client from the server's point of view), or
> something similar.
>
>
> Sebastian
>
> --
> Sebastian Flothow
> sebastian@flothow.de
> #include <stddisclaimer.h>
>
>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



Relevant Pages

  • RE: CORKSCREW 2.0
    ... Subject: CORKSCREW 2.0 ... This essentially allows a client browser to say to the proxy, ... connection to X host, y port, and if I must, this is my authentication". ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • Re: IIS 5.0 with Integrated Window Authentication
    ... Using APS, I was able to detect and exploit a web app authentication design flaw in the target app. ... >that any tool that I use have proxy support (whisker just got proxy ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • Re: Pen-Testing help (Compaq Insight & htsearch)
    ... > 1) I know Insight Manager has buffer overflows and can be used as a proxy. ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Re: IIS 5.0 with Integrated Window Authentication
    ... My basterdized SPIKE Proxy NTLM auth does, in fact, work through ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Re: ISA Server Problems, please help
    ... The All access rule for SBS Internet ... Web Proxy and/or ... > To accommodate the linux SecureNAT clients you should create a new Client ... ISA Server denies the specified Uniform Resource Locator. ...
    (microsoft.public.windows.server.sbs)