SprayingToolkit
* Parse positionally independent WWW-Authentication header
Most of the time, the WWW-Authentication header comes back looking like this:
'WWW-Authenticate': 'NTLM Tl<..snip...>A=, Negotiate, Basic realm="autodiscover.site.com"'
The original code handled this fine. However, sometimes the header can come back in the following form:
'Www-Authenticate': 'Negotiate, Basic realm="autodiscover.site.com", NTLM Tl<...snip...>A='
When this happens, the program would throw an error during parsing: Error parsing internal domain name using OWA. This usually means OWA is being hosted on-prem or the target has a hybrid AD deployment.
This pull aims to reduce these false negatives by parsing until reaching the NTLM section of the header.
@coffeegist good catch, thanks for this. I'm currently re-writing the entire thing (check out the dev branch) and I'll make sure to add this in. Cheers
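The position-independent parse described in the pull request, as an added example that is not code from the pull request or from SprayingToolkit: it looks the header up case-insensitively, splits the challenge list without breaking on commas inside quoted parameters, and returns the NTLM token wherever it sits. The function names, the `example.test` host and the sample token are assumptions constructed for illustration.

```python
import base64
import re
import struct

# One challenge per match. Quoted strings are consumed whole, so a comma
# inside realm="..." does not split the list.
ITEM = re.compile(r'\s*((?:"(?:\\.|[^"\\])*"|[^,"])+?)\s*(?:,|$)')


def find_header(headers, name="www-authenticate"):
    """Header names are case-insensitive: 'WWW-Authenticate' == 'Www-Authenticate'."""
    for key, value in headers.items():
        if key.lower() == name:
            return value
    return None


def ntlm_token(header_value):
    """Return the decoded NTLM message from a challenge list, or None."""
    for match in ITEM.finditer(header_value or ""):
        parts = match.group(1).split(None, 1)
        # A bare "NTLM" with no token is an offer, not a challenge: keep looking.
        if len(parts) == 2 and parts[0].lower() == "ntlm":
            try:
                return base64.b64decode(parts[1], validate=True)
            except ValueError:
                return None  # scheme present, token is not valid base64
    return None


def is_challenge(message):
    """True if the bytes carry the NTLMSSP signature and message type 2."""
    if message is None or len(message) < 12 or message[:8] != b"NTLMSSP\x00":
        return False
    return struct.unpack_from("<I", message, 8)[0] == 2


# Constructed sample token: signature + message type 2 + zero padding.
SAMPLE = base64.b64encode(b"NTLMSSP\x00" + struct.pack("<I", 2) + b"\x00" * 20).decode()
REALM = 'Basic realm="autodiscover.example.test"'
NTLM_FIRST = {"WWW-Authenticate": f"NTLM {SAMPLE}, Negotiate, {REALM}"}
NTLM_LAST = {"Www-Authenticate": f"Negotiate, {REALM}, NTLM {SAMPLE}"}

if __name__ == "__main__":
    for hdrs in (NTLM_FIRST, NTLM_LAST):
        print(is_challenge(ntlm_token(find_header(hdrs))))
```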