如何使用提琴手来调试chrome的ntlm协议? [英] how to use fiddler to debug ntlm protocol with chrome?

问题描述

这是与我试图找到一种无需经过真正的ntlm身份验证即可获取访问者Windows用户名的方法，我只想使用express-ntlm从浏览器http响应中提取用户名.

I am trying to find a way to grab visitor windows user name without going through real ntlm authentication, and I just want to extract the user name from browser http response using express-ntlm.

我对该过程的理解是:

1. 浏览器将请求发送到没有授权标头的node.js
2. express-ntlm进行401回复
3. 浏览器将带有授权标头的请求发送到node.js
4. express-ntlm发出带有挑战的401回复
5. 浏览器应发送包含用户名信息的回复

我被困在上面的步骤4)中. 我刚刚安装了Fiddler来记录页面加载的通信轨迹.

I am stuck at step 4) above. I just installed Fiddler to log down the communication trace of the page loading.

第一次握手:

GET http://localhost:3000/search HTTP/1.1
Host: localhost:3000
Connection: keep-alive
Cache-Control: max-age=0
Accept:     
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML,    
like Gecko) Chrome/40.0.2214.115 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4
If-None-Match: "1085683586"

==== response ====
HTTP/1.1 401 Unauthorized
X-Powered-By: Express
WWW-Authenticate: NTLM
Date: Wed, 04 Mar 2015 01:48:10 GMT
Connection: keep-alive
Proxy-Support: Session-Based-Authentication
Content-Length: 0

第二次握手:

GET http://localhost:3000/search HTTP/1.1
Host: localhost:3000
Connection: keep-alive
Cache-Control: max-age=0
Authorization: NTLM    
TlRMTVNTUAABAAAAB7IIogQABAA0AAAADAAMACgAAAAGAbEdAAAAD1hBUEVOR0xJQU4zMFhMTlg=
Accept:  
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML,   
like Gecko) Chrome/40.0.2214.115 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4
If-None-Match: "1085683586"

=== response ====
HTTP/1.1 401 Unauthorized
X-Powered-By: Express
WWW-Authenticate: NTLM  
TlRMTVNTUAACAAAAAAAAAAAoAAABggAAASNFZ4mrze8AAAAAAAAAAA==
Date: Wed, 04 Mar 2015 01:48:10 GMT
Connection: keep-alive
Proxy-Support: Session-Based-Authentication
Content-Length: 0

在提琴手的痕迹中我需要注意什么?

is there anything I need to pay attention in the fiddler trace?

我正在使用Win7 + Chrome. (我也尝试过IE和Firefox，但没有运气.)

I am using win7 + chrome. ( I also tried IE and firefox, but with no luck).

谢谢.

推荐答案

使用Fiddler遵循Ntlm质询/响应流程是一件好事.在检查器选项卡上，有一个 Auth 部分，其中包含大量信息.当客户端发送用户名时，您会在Ntlm type 3请求上找到该用户名.它已编码，但Fiddler会为您解码.

It is a good thing you use Fiddler to follow the Ntlm challenge/response flow. On the Inspectors tab there is an Auth section with extensive information. You will find the username there on the Ntlm type 3 request when it is send by the client. It is encoded but Fiddler will decode it for you.

这篇关于如何使用提琴手来调试chrome的ntlm协议?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！