WebApp Sec: Re: NTLM and man-in-the-middle proxies not working

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

WebApp Sec mailing list archives

Re: NTLM and man-in-the-middle proxies not working

From: raymond_b_jimenez () yahoo com
Date: 3 Oct 2005 19:32:37 -0000

From the tests I've done last week, I can confirm that Burp Proxy effectively deals with the NTLM authentication 
problem. What is more interesting is that even without fixing the NTLM credentials, the browser works with NTLM 
authentication. This behaviour might suggest that the HTTP headers introduced by other proxies might really explain 
why the NTLM authentication might not work with a proxy.


It does not explain though why it works in my testing scenario. I'll be testing it with Burp and other proxies in the 
next days and will post my results back.

rj

By Date By Thread

Current thread:

Re: NTLM and man-in-the-middle proxies not working raymond_b_jimenez (Oct 03)
- Re: NTLM and man-in-the-middle proxies not working Amit Klein (AKsecurity) (Oct 04)