An alternative to Paros+Ntlmaps

In my last post, I described how to set up Paros with Ntlmaps to do a security assessment of an application requiring NTLM authentication.
It always worked properly for me, until today! After a long time, I stumbled upon an application which requires NTLM authentication. As a Paros lover (no reasons, just due to its simple interface, I love it), I launched Paros and Ntlmaps. But bad luck for me: I couldn't figure out why Ntlmaps was unhappy with me. My whole day went in troubleshooting! I even ended up uninstalling and reinstalling Ntlmaps. I even locked my Windows user credentials after exceeding the maximum number of attempts from my system to the application. Anyway, I got it unlocked. Even my colleagues (Ronnie, Thyagu), who might have helped me in configuring Ntlmaps, were absent today.

Anyway, it's funny that I had never paid attention to a functionality already there in Burp and WebScarab. I was laughing at myself!
These proxies already have built-in functionality for working with applications requiring NTLM. It's just so simple; it took two minutes to set up. I should have tried them earlier. Anyway, necessity is the mother of invention ;).
Following are the options:

In Burp: go to Options -> the "do www authentication" section. You can add the credentials for the target host there up front, or just check "Prompt for credentials on authentication failure".

Burp will then prompt you for NTLM credentials whenever you try to access a site requiring NTLM authentication. Enter the details manually:

It will be saved for your future use:

Similarly in WebScarab: go to Tools -> Credentials.
Here you can enter the NTLM credentials or simply check "Ask when required". The credentials you entered will show up there:

Very simple and powerful options; I should have explored them earlier!
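As an added example (not part of the original post, and not code from Burp, WebScarab or Ntlmaps), here is the check I would run before spending a day troubleshooting a proxy's NTLM setup: look at what the server's 401 actually offers (NTLM, Negotiate, or both), and decode the NTLM Type 2 challenge it sends, which tells you the domain and server the proxy is being asked to authenticate to and which flags it negotiates. The 401 headers and the Type 2 token are constructed inline so the script runs offline; the flag and AV_PAIR constants follow MS-NLMP.

```python
"""Inspect a 401 response and decode the NTLM CHALLENGE_MESSAGE (Type 2).
All sample data below is constructed; nothing touches the network."""
import base64
import struct

NTLM_SIGNATURE = b"NTLMSSP\x00"
CHALLENGE_MESSAGE = 2

# NegotiateFlags bits, MS-NLMP section 2.2.2.5 (subset of the ones that matter)
NEGOTIATE_FLAGS = {
    0x00000001: "NEGOTIATE_UNICODE",
    0x00000002: "NEGOTIATE_OEM",
    0x00000004: "REQUEST_TARGET",
    0x00000010: "NEGOTIATE_SIGN",
    0x00000020: "NEGOTIATE_SEAL",
    0x00000200: "NEGOTIATE_NTLM",
    0x00008000: "NEGOTIATE_ALWAYS_SIGN",
    0x00010000: "TARGET_TYPE_DOMAIN",
    0x00020000: "TARGET_TYPE_SERVER",
    0x00080000: "NEGOTIATE_EXTENDED_SESSIONSECURITY",
    0x00800000: "NEGOTIATE_TARGET_INFO",
    0x02000000: "NEGOTIATE_VERSION",
    0x20000000: "NEGOTIATE_128",
    0x80000000: "NEGOTIATE_56",
}

# AV_PAIR ids, MS-NLMP section 2.2.2.1
AV_NAMES = {1: "NbComputerName", 2: "NbDomainName", 3: "DnsComputerName",
            4: "DnsDomainName", 5: "DnsTreeName", 7: "Timestamp"}


def auth_schemes(header_values):
    """Schemes offered across one or more WWW-Authenticate header values.

    Handles 'NTLM', 'NTLM <token>' and comma-separated lists like 'Negotiate, NTLM'.
    Simplification: a comma inside a quoted Basic realm would also be split,
    which does not affect NTLM/Negotiate challenges.
    """
    schemes = []
    for value in header_values:
        for challenge in value.split(","):
            challenge = challenge.strip()
            if challenge:
                schemes.append(challenge.split(None, 1)[0])
    return schemes


def parse_av_pairs(blob):
    """Decode the TargetInfo AV_PAIR list into a dict keyed by AV name."""
    pairs, pos = {}, 0
    while pos + 4 <= len(blob):
        av_id, av_len = struct.unpack_from("<HH", blob, pos)
        pos += 4
        if av_id == 0:  # MsvAvEOL terminates the list
            break
        value = blob[pos:pos + av_len]
        pos += av_len
        name = AV_NAMES.get(av_id, "AvId%d" % av_id)
        # Ids 1-5 are UTF-16LE strings; timestamp and others are kept as hex
        pairs[name] = value.decode("utf-16-le") if 1 <= av_id <= 5 else value.hex()
    return pairs


def parse_type2(token_b64):
    """Decode a base64 NTLM Type 2 token taken from a WWW-Authenticate header."""
    raw = base64.b64decode(token_b64)
    if raw[:8] != NTLM_SIGNATURE:
        raise ValueError("not an NTLMSSP message")
    msg_type = struct.unpack_from("<I", raw, 8)[0]
    if msg_type != CHALLENGE_MESSAGE:
        raise ValueError("expected Type 2, got Type %d" % msg_type)
    tn_len, _tn_max, tn_off = struct.unpack_from("<HHI", raw, 12)
    flags = struct.unpack_from("<I", raw, 20)[0]
    name = raw[tn_off:tn_off + tn_len]
    result = {
        "target_name": name.decode("utf-16-le" if flags & 0x1 else "latin-1"),
        "flags": sorted(n for bit, n in NEGOTIATE_FLAGS.items() if flags & bit),
        "challenge_hex": raw[24:32].hex(),
        "target_info": {},
    }
    if flags & 0x00800000 and len(raw) >= 48:  # NEGOTIATE_TARGET_INFO present
        ti_len, _ti_max, ti_off = struct.unpack_from("<HHI", raw, 40)
        result["target_info"] = parse_av_pairs(raw[ti_off:ti_off + ti_len])
    return result


def build_type2(target_name, av_pairs, flags, server_challenge):
    """Build a Type 2 message; constructed test data standing in for a real server."""
    name = target_name.encode("utf-16-le")
    info = b"".join(struct.pack("<HH", av_id, len(v)) + v for av_id, v in av_pairs)
    info += struct.pack("<HH", 0, 0)  # MsvAvEOL
    payload_off = 56  # fixed header: sig 8, type 4, name 8, flags 4, chal 8, rsvd 8, info 8, ver 8
    msg = NTLM_SIGNATURE + struct.pack("<I", CHALLENGE_MESSAGE)
    msg += struct.pack("<HHI", len(name), len(name), payload_off)
    msg += struct.pack("<I", flags)
    msg += server_challenge + bytes(8)  # 8-byte ServerChallenge, 8 reserved bytes
    msg += struct.pack("<HHI", len(info), len(info), payload_off + len(name))
    msg += b"\x06\x01\xb1\x1d\x00\x00\x00\x0f"  # Version: Windows 6.1 build 7601, NTLMSSP rev 15
    return base64.b64encode(msg + name + info).decode("ascii")


# Constructed sample: flags and TargetInfo typical of a domain-joined web server
SAMPLE_FLAGS = (0x00000001 | 0x00000004 | 0x00000200 | 0x00008000 | 0x00010000
                | 0x00080000 | 0x00800000 | 0x02000000 | 0x20000000 | 0x80000000)
SAMPLE_TOKEN = build_type2(
    "EXAMPLE",
    [(2, "EXAMPLE".encode("utf-16-le")), (1, "DC01".encode("utf-16-le")),
     (4, "example.corp".encode("utf-16-le")), (7, bytes(8))],
    SAMPLE_FLAGS, bytes(range(8)))
# Constructed 401: two WWW-Authenticate headers, as IIS typically sends them
SAMPLE_401_HEADERS = ["Negotiate", "NTLM " + SAMPLE_TOKEN]

if __name__ == "__main__":
    print("offered:", auth_schemes(SAMPLE_401_HEADERS))
    print(parse_type2(SAMPLE_TOKEN))
```

In practice you paste the token from the second 401 (the one that answers the proxy's Type 1) into `parse_type2`; if the target name or `NbDomainName` is not the domain you typed into Burp's or WebScarab's credentials dialog, that is the mismatch to fix before anything else.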

