Re: IIS 5.0 with Integrated Window Authentication

From: Kevin Spett (kspett@spidynamics.com)
Date: Wed Nov 06 2002 - 15:50:26 EST


WebInspect supports NTLM. Your assumption is correct, it's got to be
designed specifically for it.

Kevin Spett
SPI Labs
http://www.spidynamics.com/

----- Original Message -----
From: <cc_mofo@hushmail.com>
To: <pen-test@securityfocus.com>; <webappsec@securityfocus.com>
Sent: Wednesday, November 06, 2002 3:15 PM
Subject: IIS 5.0 with Integrated Window Authentication

>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> I'm doing a security review and penetration test of a site running on IIS
with Integrated Windows Authentication. Anyone know of an IIS Scanner that
can do an IWA exchange before scanning?
>
> The SPIKE proxy looks promising, but it appears the NTLM support is not
quite "there" yet for this purpose. The goofy three-message exchange that
sets up the NTLM security doesn't seem to make it through the proxy, which
leads me to believe that any tool that will work for this must have
intentionally added support for IWA.
>
> -----BEGIN PGP SIGNATURE-----
> Version: Hush 2.2 (Java)
> Note: This signature can be verified at https://www.hushtools.com/verify
>
> wlwEARECABwFAj3JeFQVHGNjX21vZm9AaHVzaG1haWwuY29tAAoJEDsVajchvitlDKIA
> n1atyjW01supq8g9YhQqS3xC013lAJ9BjVmoqZOorkOOFLrjNEns9Ao4qw==
> =O5GH
> -----END PGP SIGNATURE-----
>
>
>
>
> Get your free encrypted email at https://www.hushmail.com
>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:25 EDT