Bypass SSL check and Pass through Burp For NTLM Authentication

I was testing an app which requires to skip SSL check and perform NTLM authentication through Burp Proxy on a Windows machine.

The SSL checking can be bypassed by appending   `$lwp ->ssl_opts(verify_hostname => 0,SSL_verify_mode => 0x00); ` after the following

```
  $lwp = LWP::UserAgent->new(env_proxy => 1,
                            keep_alive => 1,
                            timeout => 30,
                requests_redirectable => [],
                            );
```
  
I used the proxy option but somehow it was not working because the original code proxied the http traffic only, so I changed the code from 

`$lwp->proxy(['http'], "http://".$proxy);`

to

`$lwp->proxy('https', "http://127.0.0.1:8080");`

so the https traffic would be proxied to burp.
 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bypass SSL check and Pass through Burp For NTLM Authentication #10

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Bypass SSL check and Pass through Burp For NTLM Authentication #10

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions