[Turn] about NTLM-certified. Net,php,python Login

This article transferred from: http://www.cnblogs.com/myx/archive/2013/03/25/php-ntlm-python-net.html

The early SMB protocol transmits plaintext passwords over the network. Later, the LAN Manager challenge/response authentication mechanism, called LM, was so simple that it was easily cracked. Microsoft has proposed a WindowsNT challenge/response verification mechanism, called NTLM. There is now an updated NTLMV2 and Kerberos authentication system. NTLM is a Windows early security protocol that is retained for backward compatibility. NTLM is the abbreviation for NT LAN Manager, which is the NT LAN Manager. NTLM is an authentication protocol that is provided for computers that are not joined to a domain, such as stand-alone servers and workgroups.

NTLM authentication allows Windows users to authenticate with the identity of the current logged-on system, and the current user should be logged on to a domain, whose identity can be automatically passed to the server through the browser. It is a single-sign-on policy that allows the system to reuse user credentials that are logged on to the Windows system via NTLM, without requiring the user to enter a password again for authentication.

In fact, this time to do the main function is the PHP NTLM login, but the search for a long time, have not found the specific. See the most information is: HTTPS://GITHUB.COM/LOUNE/PHP-NTLM but ntlm_prompt ("Testwebsite", "TestDomain", "MyComputer", " Testdomain.local "," mycomputer.local "," Get_ntlm_user_hash "); As if there is no specific user name and password, the test is still required to enter the user name password in the browser pop-up window. No other place was found available. Later see curl inside has a--ntlm, a test, originally still so simple.

        $url = ' http://xxxx.com/HomePage/info.aspx ';//Note: Is the page address to get information, not the address of the login page.$user = ' Test ';$password = ' Testpwd ';$ch = Curl_init ($url); curl_setopt ($ch, Curlopt_returntransfer,True); curl_setopt ($ch, Curlopt_header,true);//Plus this can get the cookies, that is, the output of the $result in front of the header information curl_setopt ($ch, Curlopt_http_version, curl_http_version_1_1) curl_setopt ($ch, Curlopt_httpauth, CURLAUTH_NTLM ); curl_setopt ($ch, Curlopt_userpwd, $user. ': '.  $password); $result = curl_exec ($ch); Preg_match_all ('/^set-cookie: (. *?); M ',$result,$m); // access to Cookies var_dump ($m);             

. NET is also very simple to obtain, the code is as follows:

Try{CredentialCache Mycredentialcache =NewCredentialCache (); Mycredentialcache.add (New Uri ("Http://www.xxx.com/infot.aspx"),"Ntlm",New NetworkCredential ("Test","Testpwd","Domain")); HttpWebRequest req; Req = (HttpWebRequest) httpwebrequest.create ("Http://www.xxx.com/info.aspx"); Req. Method ="GET"; Req. KeepAlive =True; Req. Credentials =Mycredentialcache;//Save cookie Cookiecontainer cc =New Cookiecontainer (); req. Cookiecontainer = CC; HttpWebResponse Res; Res = (HttpWebResponse) req. GetResponse (); Console.WriteLine (Res. StatusCode); Console.WriteLine ( "------------------------ "); Console.WriteLine (Res. Headers.tostring ()); if (Res. StatusCode == Httpstatuscode.ok) {// Verify success  Console.WriteLine (Res. StatusCode); }} catch (Exception ex) { // validation failed    

PYTHON:PYTHON-NTLM (official address: http://code.google.com/p/python-ntlm/) is a module that is used to access the NTLM authentication URL, and the code is moved over there. My tests are available:

URL ="Http://www.xxx.com/info.aspx"#Just note that this is the address where the information is obtained. Not logged in. The address of the login you just started testing with.    That's not going to work. user = U‘Randy\\test‘Password =‘Testpwd‘Passman =Urllib2. Httppasswordmgrwithdefaultrealm () Passman.add_password (None, url, user, password)#Create the NTLM authentication handler AUTH_NTLM =Httpntlmauthhandler (Passman)# Create and install the opener opener = Urllib2.build_opener (AUTH_NTLM) Urllib2.install_opener (opener)  # Retrieve the result response = urllib2.urlopen (URL) print(Response.info ()) print (Os.path.join ( OS.GETCWD (),"1.txt")) #outfile = open (Os.path.join (OS.GETCWD (), "1.htm"), "W") # Outfile.write (Response.read ())               

[Turn] about NTLM-certified. Net,php,python Login