HTTP
HTTP GET
HTTP NTLM auth
connection re-use
# Server-side
connection-monitor
HTTP/1.1 401 Authentication please!
Content-Length: 20
WWW-Authenticate: Digest realm="loonie", nonce="314156592"
WWW-Authenticate: Basic
Please auth with me
HTTP/1.1 401 Authentication please!
Content-Length: 20
WWW-Authenticate: Digest realm="loonie", nonce="314156592"
WWW-Authenticate: Basic
Please auth with me
# This is supposed to be returned when the server gets the second
# Authorization: NTLM line passed-in from the client
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Length: 4
moo
HTTP/1.1 200 OK
Server: Another one/1.0
Content-Length: 4
boo
# This is the first reply after the redirection
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 34
This is not the real page either!
HTTP/1.1 401 Authentication please!
Content-Length: 20
WWW-Authenticate: Digest realm="loonie", nonce="314156592"
WWW-Authenticate: Basic
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Length: 4
moo
# Client-side
http
!SSPI
crypto
HTTP with --anyauth and connection re-use
http://%HOSTIP:%HTTPPORT/1418 -u testuser:testpass --anyauth http://%HOSTIP:%HTTPPORT/14180003
# Verify data after the test has been "shot"
GET /1418 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
User-Agent: curl/%VERSION
Accept: */*
GET /1418 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: Digest username="testuser", realm="loonie", nonce="314156592", uri="/1418", response="986238b7e0077754944c966f56d9bc77"
User-Agent: curl/%VERSION
Accept: */*
GET /14180003 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
User-Agent: curl/%VERSION
Accept: */*
GET /14180003 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: Digest username="testuser", realm="loonie", nonce="314156592", uri="/14180003", response="1c6390a67bac3283a9b023402f3b3540"
User-Agent: curl/%VERSION
Accept: */*
[DISCONNECT]