Re: HTTP proxy authentication using by SSPI

From: ungd@mail.ru
Date: 06/09/02 

From: <ungd@mail.ru>
Date: Sun, 9 Jun 2002 12:18:29 +0200

Thanks.

"Stephen L Nicoud" <nicouds@hotmail.com> wrote in message
news:3D000530.7478C643@hotmail.com...
> I can't answer your question directly, but I will note that not even
Windows
> knows what the password is. The first thing Windows does with the
password
> when you log in is to run it through a one-way hash. It forgets the
password
> at that point and instead uses the password hash. The password hash is
used to
> create the "response" when challenged with a "challenge" (hence NT
Challenge /
> Response). Windows domains store the password hash, not the password.
> However, a password hash can be used as a password substitute if you know
how
> to deal with the NTCR protocol.
>
> ungd@mail.ru wrote:
> >
> > Hello,
> >
> > My programm using client\server architecture and HTTP protocol to
comunicate
> > one each other.
> > I'm using winsock 1.1 and VC++ Dev. environment.
> > The problem is that when i want to bypass proxy server some of them
have
> > authentication (NTLM or Kerboros ..). I found sample in Platform SDK
(calls
> > HTTPAuth), which shows how to solve it using SSPI, but one problem for
this
> > authentication - I must know user's password and username.
> > How can i get this???
> > May be regestry or some OS structure that contain it.
> > I know that it possible to find, cause IE doesn't ask for Username and
> > password for authentication proccess, it takes it from some place.
> > Please Help with this problem
> > Thanks a lot,
> > Simon

Quantcast