It's tunneled in a bastardized way through HTTP Auth: requests. You do a sort of 3 way handshake. The best reference implementation I've found is in Squid, which isn't that nice for what we want though. This is the best documentation I found on the subject: http://www.innovation.ch/java/ntlm.html -dave Jason binger wrote: > Does anyone know of a tool or script out there that > can brute-force NTLM web authentication that may be > used on IIS or ISA server. > > I know IE explorer is the only browser that supports > this auth method. Does anyone have any papers or link > on how exactly it works? Is it just tunnelled using > HTTP? Or does it use windows auth ports like TCP 139 > etc? > > I have looked around to no avail. RFP says it will be > in whisker 2.0 but i need it now =] > > Any help appreciated. > > Jason > > __________________________________________________ > Do You Yahoo!? > Listen to your Yahoo! Mail messages from any phone. > http://phone.yahoo.com > > ---------------------------------------------------------------------------- > This list is provided by the SecurityFocus Security Intelligence Alert (SIA) > Service. For more information on SecurityFocus' SIA service which > automatically alerts you to the latest security vulnerabilities please see: > https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sun Sep 30 2001 - 12:56:40 PDT