In-Reply-To: <BAY7-F32t5BBBVhyemY0003be8a_at_hotmail.com>
Thomas,
Telnet is a good way. However, when the site is SSL protected, you will
need something like an SSL proxy to check the authentication method.
You can consider:
achilles (win),
paros proxy (java, proxy chaining support),
spike proxy (browser)
Andric
>
>There is a valid reason for an automated tool to check authentication
>methods. On several large web portals, one might find several different
>authentication methods for any number of site paths. I've seen this on a
>few occasions. Yet I have not seen it in any automated tool.
>-Joe R.
>
>-----Original Message-----
>From: Dennis Hurst [mailto:dennis_at_hurstinc.com]
>Sent: Saturday, June 14, 2003 11:17 PM
>To: 'Thomas Springer'; webappsec_at_securityfocus.com
>Subject: RE: check authentication-methods
>
>
>Thomas,
>
>You could just Telnet to the web server on port 80 and send a simple GET
>/ request, then look at the headers that come back. Here's an example of
>what comes back from IIS.
>
>Server: Microsoft-IIS/5.0
>Date: Sun, 15 Jun 2003 04:15:03 GMT
>WWW-Authenticate: Negotiate
>WWW-Authenticate: NTLM
>Content-Length: 4431
>Content-Type: text/html
>
>
>The WWW-Authenticate: NTLM header tells you it's asking for NTLM. If
>it's using basic it will have BASIC in the header.
>
>Here's how I did it
>
>At a command prompt type: telnet <your web server> 80 <press enter>
>You will get a blank screen, type GET / <press enter>
>You will get the headers dumped back to you.
>
>Hope this helps.
>
>
>Have a great day,
>
>Dennis Hurst
>dhurst_at_spidynamics.com
>SPI Labs
>
>
>-----Original Message-----
>From: Thomas Springer [mailto:tuev_at_serveraudit.net]
>Sent: Friday, June 13, 2003 7:00 AM
>To: webappsec_at_securityfocus.com
>Subject: check authentication-methods
>
>
>Anybody know a tool (preferably win32) to check which
>401-authentication-methods are supported by a webserver (i.e. basic,
>ntlm)?
>
>thomas springer
>tuev-sueddeutschland
>it-security
>
>Thomas Springer
>
Received on Jun 18 2003
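
Added example, not part of the original thread: a small Python check that lists the WWW-Authenticate schemes per site path, covering the multi-path case Joe describes and, through the hypothetical probe() helper with tls=True, the SSL-protected case Andric raises. The sample responses, status lines and paths are constructed; only the IIS header values follow Dennis's output.

```python
import http.client
import re

# An RFC 7235 token followed by space or end, and not an auth-param name (name=value).
_SCHEME = re.compile(r"^([!#$%&'*+.^_`|~0-9A-Za-z-]+)(?=\s|$)(?!\s*=)")

def schemes_from_values(values):
    """Return the auth schemes named in a list of WWW-Authenticate values."""
    found = []
    for value in values:
        # Blank out quoted strings so a comma inside realm="a, b" does not split.
        value = re.sub(r'"(?:\\.|[^"\\])*"', '""', value)
        for part in value.split(","):
            m = _SCHEME.match(part.strip())
            if m and m.group(1).lower() not in [s.lower() for s in found]:
                found.append(m.group(1))
    return found

def schemes_from_raw(raw):
    """Parse a raw response head, e.g. pasted from a telnet session."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    return schemes_from_values(
        line.split(":", 1)[1].strip() for line in head.split("\n")
        if line.lower().startswith("www-authenticate:"))

def probe(host, path="/", tls=False, timeout=10):
    """Live check of one path; tls=True covers the SSL-protected case."""
    cls = http.client.HTTPSConnection if tls else http.client.HTTPConnection
    conn = cls(host, timeout=timeout)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        return resp.status, schemes_from_values(
            resp.headers.get_all("WWW-Authenticate") or [])
    finally:
        conn.close()

# Constructed sample responses, one per site path (status lines and paths are made up).
SAMPLES = {
    "/": "HTTP/1.1 401 Access Denied\r\nServer: Microsoft-IIS/5.0\r\n"
         "WWW-Authenticate: Negotiate\r\nWWW-Authenticate: NTLM\r\n\r\n",
    "/reports/": "HTTP/1.1 401 Unauthorized\r\n"
                 'WWW-Authenticate: Basic realm="Reports, internal"\r\n\r\n',
    "/api/": "HTTP/1.1 401 Unauthorized\r\n"
             'WWW-Authenticate: Digest realm="api", nonce="abc", Basic realm="api"\r\n\r\n',
    "/public/": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n",
}

def survey(samples):
    return {path: schemes_from_raw(raw) for path, raw in samples.items()}
```

survey(SAMPLES) runs offline on the constructed responses; for a server you administer, call probe(host, path, tls=True) per path and compare the results across paths.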