Exemplo n.º 1
0
def test_ntlm_auth(url, credentials_buffer):
    auth_successes = []

    timeout = 15
    verify = False

    requests_buffer = []

    for credentials in credentials_buffer:
        auth = requests_ntlm.HttpNtlmAuth(credentials.username,
                                          credentials.password)
        requests_buffer.append(
            grequests.get(url=url, auth=auth, verify=verify, timeout=timeout))

    resps = grequests.map(requests_buffer)

    if 200 in [resp.status_code for resp in resps]:
        credentials_list = HTTPAuthUtils.get_credentials_from_ntlm_requests(
            requests_buffer)

        auth_successes.extend(credentials_list)

    return auth_successes
Exemplo n.º 2
0
import sys
import requests
import requests_ntlm

urlToConnect = "http://myUrlWhichNeedsWindowsAuthentication/50231/Test"
payload = '''
{
"name":"mjk",
"comments":"temporary",
"AccessLevel":"basic"
}'''
try:
    getResponse =  requests.get(urlToConnect,auth=requests_ntlm.HttpNtlmAuth('winuser','winpassword'))
    postResponse = requests.post(urlToConnect,data=payload,auth=requests_ntlm.HttpNtlmAuth('winusername','winpassword'))
    if postResponse.status_code == 200:
        print ("post request succeeded")
except:
    print("Unexpected error:", sys.exc_info()[1])
Exemplo n.º 3
0
def httpbrute_authenticate(url, username, password, useragent, pluginargs): # CHANGEME: replace template with plugin name

    ts = datetime.datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S')

    data_response = {
        'timestamp': ts,
        'username': username,
        'password': password,
        'success': False,
        'change': False,
        '2fa_enabled': False,
        'type': None,
        'code': None,
        'name': None,
        'action': None,
        'headers': [],
        'cookies': [],
        'sourceip' : None,
        'throttled' : False,
        'error' : False,
        'output' : ""
    }

    spoofed_ip = generate_ip()
    amazon_id = generate_id()
    trace_id = generate_trace_id()

    # CHANGEME: Add more if necessary
    headers = {
        'User-Agent': useragent,
        "X-My-X-Forwarded-For" : spoofed_ip,
        "x-amzn-apigateway-api-id" : amazon_id,
        "X-My-X-Amzn-Trace-Id" : trace_id,
    }


    try:

        resp = None

        full_url = "{}/{}".format(url,pluginargs['uri'])

		if pluginargs['auth'] == 'basic':
			auth = requests.auth.HTTPBasicAuth(username, password)
			resp = requests.get(url=full_url, auth=auth, verify=False, timeout=30)

		elif pluginargs['auth'] == 'digest':
			auth = requests.auth.HTTPDigestAuth(username, password)
			resp = requests.get(url=full_url, auth=auth, verify=False, timeout=30)

		else: # NTLM
			auth = requests_ntlm.HttpNtlmAuth(username, password)
			resp = requests.get(url=full_url, auth=auth, verify=False, timeout=30)


        if resp.status_code == 200:
            data_response['success'] = True
            data_response['output'] = 'SUCCESS: => {}:{}'.format(username, password)

        elif resp.status_code == 401:
            data_response['success'] = False
            data_response['output'] = 'FAILURE: => {}:{}'.format(username, password)

        else: #fail
            data_response['success'] = False
            data_response['output'] = 'UNKNOWN_RESPONSE_CODE: {} => {}:{}'.format(resp.status_code, username, password)
def getFormDigest(uid, pwd, site, location):
    headers = {'Content-Type': 'application/json; odata=verbose', 'accept': 'application/json;odata=verbose'}    
    r = requests.post(site + location + "/_api/contextinfo",auth=requests_ntlm.HttpNtlmAuth(uid, pwd), headers=headers)
    print r
    print("Connection Confirmed")
    return r.json()['d']['GetContextWebInformation']['FormDigestValue']
Exemplo n.º 5
0
def create_ntlm_auth(config):
    global requests_ntlm
    if requests_ntlm is None:
        import requests_ntlm

    return requests_ntlm.HttpNtlmAuth(config['ntlm_domain'], config['password'])
Exemplo n.º 6
0
    from requests.packages.urllib3.exceptions import InsecureRequestWarning
    requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

    # Grab the config.
    try:
        url = urllib.parse.urlparse(sys.argv[1])
        user = sys.argv[2]
    except IndexError:
        print('Usage: ntlmproxy.py [root URL] [username]')
        exit(1)

    if url.scheme == '':
        print('Missing URL scheme!')
        exit(1)

    if url.netloc == '':
        print('Invalid domain!')
        exit(1)

    if url.path not in ('', '/'):
        print('URL must be to root')
        exit(1)

    config['url'] = url

    passwd = getpass.getpass('NTLM password ({}): '.format(user))
    session.auth = requests_ntlm.HttpNtlmAuth(user, passwd)

    # Serve
    waitress.serve(app, threads=10)