Problem with connection to NTLM Authenticated page

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
Sema
Forum Commoner
Posts: 34
Joined: Fri Sep 03, 2004 12:43 pm
Location: Aalborg, Denmark

Problem with connection to NTLM Authenticated page

Post by Sema »

I need to open a connection to a NTLM Authenticated page from a php script... The problem is getting the second call through, it hangs on the first call when i am getting the file content from fgets()... her is the code so far...

Code: Select all

<?php

$url = 'skolenet.ats.dk';
$get = '/protect/ugeplan/?fn=16';


if ($fp = fsockopen($url, 80, $errno, $errstr, 30)) {

	$out = "GET $get HTTP/1.1\r\n";
	$out .= "Host: $url\r\n";
	$out .= "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; da-DK; rv:1.7.12) Gecko/20050919 Firefox/1.0.7\r\n";
	$out .= "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\r\n";
	$out .= "Accept-Language: en-us,en;q=0.5\r\n";
	$out .= "Accept-Encoding: gzip,deflate\r\n";
	$out .= "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n";
	$out .= "Keep-Alive: 300\r\n";
	$out .= "Connection: keep-alive\r\n";
	$out .= "Referer: http://skolenet.ats.dk/\r\n";
	$out .= "Authorization: xxx\r\n";
	$out .= "\r\n";

	$out2 = "GET $get HTTP/1.1\r\n";
	$out2 .= "Host: $url\r\n";
	$out2 .= "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; da-DK; rv:1.7.12) Gecko/20050919 Firefox/1.0.7\r\n";
	$out2 .= "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5'\r\n";
	$out2 .= "Accept-Language: en-us,en;q=0.5\r\n";
	$out2 .= "Accept-Encoding: gzip,deflate";
	$out2 .= "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n";
	$out2 .= "Keep-Alive: 300\r\n";
	$out2 .= "Connection: keep-alive\r\n";
	$out2 .= "xxx\r\n";
	$out2 .= "\r\n";
	
	//step 1
	echo "\n\n STEP 1 \n\n";
	
    fwrite($fp, $out);
    
    while (!feof($fp)) {
    	echo fgets($fp, 1024);
    }
    fclose($fp);
    
    $fp = fsockopen($url, 80, $errno, $errstr, 30);
    
    //step 2
    echo "\n\n STEP 2 \n\n";
    
    fwrite($fp, $out2);
    
    while (!feof($fp)) {
    	echo fgets($fp, 1024);
    }
    
} else {
	echo 'Error connection to host';
	exit();
}

fclose($fp);
?>

At the moment i have removed the authentication hashes with xxx, i have recorded the hashes from a real login from firefox, but when i run the script it gets the info from the first call (step1) and hangs in the first while loop, the only way i can get it to go to step 2 is to set the connection to close, and not do a "keep-alive" connection. But if what i have read about the NTLM authentication it needs to be a keep-alive connection. ? any ideas...
User avatar
sweatje
Forum Contributor
Posts: 277
Joined: Wed Jun 29, 2005 10:04 pm
Location: Iowa, USA

Post by sweatje »

You have to provide the hash appropriate to the request you made of the server (in other words, you are trying--unsucessfully--to perform a man in the middle attack). To really pull this off, you need to be able to repliacte the NTLM authentication yourself in PHP. Here is an example of that authentication process reverse engineered.

Isn't there a way you can offload this authentication back to the client where it belongs?
User avatar
Sema
Forum Commoner
Posts: 34
Joined: Fri Sep 03, 2004 12:43 pm
Location: Aalborg, Denmark

Post by Sema »

I need the connection to connect to a protected web-page containing a table of times for the different classes at my school, we all got users and passwords to enter the page, but we are forced to use the web-page to See this info. But i need it for offline use in a PDA, and therefore need to find a way to connect to the page, and parse it to a XML file... (so other people at my school could find a good use of it to)

I have read that page with the NTLM authentication, but that isn't the problem right now. The problem is the script stops after the first headers is sent, i get the right headers back (code 401) when i echo the return out, but the script stops responding right after the last part of the output is echoed (it never echo "Step 2"), this only happens if i use the keep-alive connection, but the authentication demands a "keep-alive" connection, and not a closed connection...
User avatar
Sema
Forum Commoner
Posts: 34
Joined: Fri Sep 03, 2004 12:43 pm
Location: Aalborg, Denmark

Post by Sema »

found the problem, is seems that there isn't sent a endOfFile marker if the connection is set to "keep-alive", so the feof() function in the while sentence would never return true, and the while would keep on running. Therefor just getting the headers and then terminating the while is fixing the problem... :)
Post Reply