[prev in list] [next in list] [prev in thread] [next in thread]
List: owasp-webscarab
Subject: Re: [Owasp-webscarab] [Owasp-proxy] NTLM authentication
From: Rogan Dawes <rogan () dawes ! za ! net>
Date: 2010-04-23 8:45:00
Message-ID: 4BD15E0C.7000704 () dawes ! za ! net
[Download RAW message or body]
On 2010/04/23 10:12 AM, Martin Holst Swende wrote:
> Rogan Dawes wrote:
>> If you can give me a sample request, I can try to ensure that these
>> exceptions do not occur.
>>
> I'll have to dig a bit to find a good example to send (off-list), but
> here's the line which throws exception:
> UrlFetcher.attemptNegotiation():
> 557 String domain = credentials.substring(0,
> credentials.indexOf("\\"));
> So wrapping that else-clause in try-catch and returning null (?) fixes
> the immediate problem.
Well, I suppose I should just check to make sure that there is in fact a
\ character first, before blindly assuming. :-) Then no exception would
be needed.
>> Setting OWASP Proxy up as a reverse proxy is as simple as providing a
>> target InetSockAddr when creating the Proxy class. The target is then
>> passed down into the TargetedConnectionHandler, which uses that target
>> if a more specific one is not received (e.g. via SOCKS).
>
> Great news! I use owasp proxy a lot and have created a small
> jython-based UI for it, and will
> add this functionality to the startup-ui. When it is more complete, I
> will make it public.
> I have not yet created any interceptor for it, but plan to (probably
> reuse a lot from webscarab).
Sounds neat. I'd like to see it.
> Is there anyone on this list who have created any interceptor-ui? I
> would love to have it...
I am slowly working on a UI for OWASP Proxy, but it will probably be
commercial once I get it done.
Rogan
_______________________________________________
Owasp-webscarab mailing list
Owasp-webscarab@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-webscarab
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic