NTLM APS python version 0.98

pycraze dennis.varghese at wipro.com
Fri Jul 20 17:35:59 CEST 2007


Hi ,

     I am working on NTLM (Windows NT Lan Manager )APS
(Authentication Proxy Server ) , to port to C language .

    I am using ethereal to monitor the packets sent between client and
server . NTLM is a MS proprietary protocol designed so that will allow
authentication only from MS browsers .

    This  proprietary was cracked and code was written in python by
Rozmanov .

The link to the source pool about NTLM is

http://www.innovation.ch/personal/ronald/ntlm.html

     Have any one worked extensively with NTLM APS python package
0.98 ?

NTLM APS have a 6 step process :- (C) - client (S)- server

    1: C  --> S   GET ...

    2: C <--  S   401 Unauthorized
                  WWW-Authenticate: NTLM

    3: C  --> S   GET ...
                  Authorization: NTLM <base64-encoded type-1-message>

    4: C <--  S   401 Unauthorized
                  WWW-Authenticate: NTLM <base64-encoded type-2-
message>

    5: C  --> S   GET ...
                  Authorization: NTLM <base64-encoded type-3-message>

    6: C <--  S   200 Ok


    After step 6 client must connect to server . But when i run NTLM
APS and watch the packets sent b/w client and server  in ethereal , i
see that client does not recieve 200 Ok at Step 6 , but receives 401
Unauthorized . After this i get a dialog box which requests me to
enter my user name and password  .

    I enter the credentials and then the server authorizes the
client .

    I am sorry that i cannot give more info on this . I can send the
saved page log from ethereal . That will give a very good idea .

    As per theory , it is only a 6 step process  . I am puzzled
regarding this .

thanks ,

dennis




More information about the Python-list mailing list