Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incorrect Padding #34

Open
ibigpapa opened this issue Apr 4, 2014 · 13 comments
Open

Incorrect Padding #34

ibigpapa opened this issue Apr 4, 2014 · 13 comments

Comments

@ibigpapa
Copy link

ibigpapa commented Apr 4, 2014 

import requests
from requests_ntlm import HttpNtlmAuth
 requests.get("http://moss.company.com",auth=HttpNtlmAuth('domain\\user_name','removed password'))
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.6/site-packages/requests/api.py", line 55, in get
    return request('get', url, **kwargs)
  File "/usr/lib/python2.6/site-packages/requests/api.py", line 44, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/lib/python2.6/site-packages/requests/sessions.py", line 383, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python2.6/site-packages/requests/sessions.py", line 491, in send
    r = dispatch_hook('response', hooks, r, **kwargs)
  File "/usr/lib/python2.6/site-packages/requests/hooks.py", line 41, in dispatch_hook
    _hook_data = hook(hook_data, **kwargs)
  File "/usr/lib/python2.6/site-packages/requests_ntlm/requests_ntlm.py", line 76, in response_hook
    'Authorization', r, kwargs)
  File "/usr/lib/python2.6/site-packages/requests_ntlm/requests_ntlm.py", line 56, in retry_using_http_NTLM_auth
    ServerChallenge, NegotiateFlags = ntlm.parse_NTLM_CHALLENGE_MESSAGE(auth_header_value[5:])
  File "/usr/lib/python2.6/site-packages/ntlm/ntlm.py", line 217, in parse_NTLM_CHALLENGE_MESSAGE
    msg2 = base64.decodestring(msg2)
  File "/usr/lib64/python2.6/base64.py", line 321, in decodestring
    return binascii.a2b_base64(s)
binascii.Error: Incorrect padding

I can run this requests get and get a proper response

requests.get("http://ntlm_protected_site.com",auth=HttpNtlmAuth('domain\\username','password'))
<Response [502]>

as soon as i change the site to the correct one and put in the correct username and password for my domain i get the incorrect padding error.

Here's the installed python info it's python 2.6

argparse (1.1)
Flask (0.10.1)
haufe.sharepoint (0.1.9)
iniparse (0.3.1)
itsdangerous (0.24)
Jinja2 (2.7.2)
kerberos (1.1.1)
MarkupSafe (0.19)
pip (1.5.4)
pycurl (7.19.0)
pygpgme (0.1)
python-ntlm (1.0.1)
requests (2.2.1)
requests-kerberos (0.4)
requests-ntlm (0.0.2.3)
setuptools (3.4.1)
suds (0.4)
urlgrabber (3.9.1)
Werkzeug (0.9.4)
yum-metadata-parser (1.1.2)

Running CentOs 6.5 Minimal
@Lukasa
Copy link
Member

Lukasa commented Apr 5, 2014

Can you show us what the Auth header is?

@ibigpapa
Copy link
Author

ibigpapa commented Apr 7, 2014

Hope this is what you are looking for. I used chrome to capture the headers. Not sure if i needed to pull directly from the box i'm getting the padding error or not on. That box is headless so if we need that let me know best way to capture.

Request:

Authorization:Negotiate YIIUwAYGKwYBBQUCoIIUtDCCFLCgMDAuBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHgYKKwYBBAGCNwICCqKCFHoEghR2YIIUcgYJKoZIhvcSAQICAQBughRhMIIUXaADAgEFoQMCAQ6iBwMFACAAAACjghLzYYIS7zCCEuugAwIBBaEPGw1BTUVSLkRFTEwuQ09NoiwwKqADAgECoSMwIRsESFRUUBsZaW50cmFuZXQyMDEwLmlucy5kZWxsLmNvbaOCEqMwghKfoAMCARehAwIBAqKCEpEEghKNvMtcPsqz01OpZnzStohceAsfCSLfyKT+lJ0L6+Wfr7FNZKC495SGyLF4QZPeE0/rfhCskbIwQ0imtr9XZnNH2MWHdC129fEGTGaHRM9UfO5Di6xY9GVplkiUecDGE1wOpRpHuEf+u5b0C23K57aL6iN9fopYcjWXtnZaXfAAOFth0saHRCRbM+0/vwzERRY5/kTavhmiFU/yW7sKrVgunLB8JySJW9zWNfsgtq4uYh3NFfClpHK/yRdyuLBiyB90Wx+32IFSaR41qpoaQblN/tNvbTRo8na0rvIwhe+3MhZgpcS9g7W4O6ovL0PqDsvrJajAJkYYHnecDRZoUdJ15aw8VsZtAFOm2XbO5IsH06bL4gvXZQx0jcdX1cjx38NMDoAAQjqq1K/5tBY86yD/uNcledngFFY7utjF65IBNd+ewYf3le5TxMM1QY1YWtdTJTwpMkSZckihsUIi7TUAaMmSzG0/AMjWJZIMLXQoAUgQrXQHf5ivrWcRFWnmyeJDjnyOKffHpziOTPVWtp1GUcq1eXwRNwa9kZYThiogHqVg2tNsVZjT7RNvAT98jV7w/slZ45vi0Smj+UDwe4SPGdUFGoNX82TTJqFI2AXcS8pS/yq+DBBiYViSZclbYuPonRzj/RmtO4K6GTFDLMhRLApz8Ye24kOcWJQ8yADi48Sd4Pz5QsgCq8tCQgiqsHmythoslbRaNN5mZF6yYRv0r47EUMeSJZrJNitaKEhlLL4oWmFyfqIpv0Nagxh/lO4LcDE9iK24IVMjrw1YxZOZCqBNAsdVX+sC9Dly6uBObw3f4sccjNKU2s/ju8hca5Jkdf4X3AMvflHp7aW46FFmuthS8V6F3Vu2ogkCjFYArKnKkDFAEtFKtEoSu3QsaciX1PLo7mKZtIR6XA5A8Lor2Y0LTHsp+dx8nI/vqxAOQqi/FhWmLsbySq0xTBBOnsrJWA1Y9IwojxvHUwmQrh48MM2VNnrWSJGtRFhHdUPpFYjvUGci/7GzxhsiSefzyx8LCIFfjEWBDT9k58/Dx1iwamiBVMG/zQlkQO+COfQuJa+6Ab/Z73sqx27RRqaS8qqQYOofgahoYwHv44CfsElf4rIrQoXtnC3pfKD84kger8VtLoeqXsOhLpgnw8uFAE/CVfsafA8h+q1fD/s+2ogA1sBbVoPW6mWq6lo1heC12wtBC+kU65Agm+/nrUFC+ry+9yL+EgaHQ5HwGi2KhAXELDAYF6PO3YP40u2fKxI4i4BIoaH2rdndlPXd8qEO83EYuMOxVBHaVB2fyIEe2sEDkgHynV2RC8ayQxwmzUYZZtA3KLWkpeyMTMFqxDiGFAUdQ66jeH4b88ryYlIr0lxMTUMnGYD2Snf7q9MB/pjTvF2O9oWXoejNNuUApGR23C0s8xZlBvv3NqDwU4yLx9+cu5Xn2T6td3KepxJ5oHXxj/Rrj/sTTfsIr2QLmiFbaX8bROFQn/cHq1u0k2p295i9lOoKGdbc+koOWWrSs/jTGP4svE/1tWpYl9FtDtHNZy4BWQ/yJtBRwgo06uQ1CGtotjeztNhW/sBxqKChg3uaQ3+OH7VnBrYKGux5lZRKLdijN/zqET4teHFvcJ67w9w/eERiZ09nKfrltB6TSxXRed+zfteGwQKOrZvQIbab21AG9zIZdXOyEZu3lSlA1cW0RPgm5HIXSaVLAWneAL+W0ZNeN+z0GMNhYelurKGlVDTeD5rCeqTvXzKROqq93g+pTjYg8tEXx7StbL4AXhBG4d90liuLwUQYDCm7AAApoLK3JSPew/RxXZPP1XbfJTuWFVN7IrjEWAZgOBMkZrgWb6I7i8vs4uy2U58N+GyqQHK0UcqBDCu2C85kFSMQAZN6SRMjojWlm6mgnWqOIyCj+G0QLlrFXm+9FhBN7u1tZ29j2BmKFrErBSz9/61lgHNwxOgaImLN2b5c6AZoqQUND4NStT6MPm1Ey9dgu4HPKThXvAZ4kUepoGxr+vUrNhibjc34G63o9wHcjaTln9qsmVuEq2Tas/L02oNIRXic4eEHbmU1YmVXHdkuMQRFV4htCD4DsQZt5zH+6hibwpEtJfJa54WfWXYiwC070ULunisTccgenY8rpR/q8JEDFgf8OPxPs+TvOs2nnAq9FkS2k7ITx4/NbSYXt18o6V7ohQX9jzH4EGPzyv173bdwVVM/4aFXjLq93BcwfZFUkAEZSGxFEvD3iVj3aKhfRpXVaMS6bdnrwrR+sUUtXBVt2ARjodN6/dDcgEshsZnIdq2gB3t86bKbDgou+XEo13fSvjwACnFmhnUIhDkD53dhMBxhLuOLRe/0j9rkImLXonNYLqAzEXmvGMne7Y9oOyjePwe1T8T2ApuMBnKG116SySSlhzw0yf30mfN/yPO2rGHkZoWROUU3MhivTRgfdfNx1s0Jp9LAy8Hf1GYJtBvb4+gXxc43bNLxezTmn3vmO6Y5jbyMTu2tbzVq/FB2TjRPV8NdUehJtBbHpxYCZJGgYQCN8rvgaEzkLXxwziVIH0M7bN9mVTd+VuKZ9UQPGKbqxGYAGpSR5LYP9b2ptE3dG0Nye29egvwKypvIxPISNYlL5a2MQD8bvYAqzbyvlIvWi/Oask+k5NzFcWapTsyjaFfKF9eRadKc6AomggFwFSW7l8Mjt88rh/8l5UNgdGpF8guW4Tb3+YuiKBLUnlg+V/1IR8drSP4kssBM4yr2vMySawL+sVQGJKdIJiH8MtnDaCL0Mdxbue92QdAywfY25TMGPJxkdLTUUSVWp3F9xsB4NyUPyklIPETJLUgwFhyKqmjIPEY0yZJuirB8HzrhyTKwqcWxsze6zgrI+iAF3FHu2j51IrCa7q2oW3B+nXnPEObTa5YiFWEkz7rJqKTR4Wa0y5Dtd4TvVUZ18bx+CKqHIgB+AP3IadZlwGDnVE7IFZu1cFHaBQd77BM3cJfGpl1Q3bnuJT5dDxqD2tQ/bLvcNnTI1E/TcVA3Z8SrbNYH2S0GOqb/stGsfEBrN+qLqT6S240DiEIPPspcvRqYgbJqJZNrtY6O1VOrNBwSofqASxmfJRIwScDn1IrJOJzTtBRC9Mlnn7lKK9ukhOXbS1KRhOrYnl0EO/hGSBzhtdco0RnN4+meO3RmYR7kcupkIy4SZUNZKIxtkZALy7xdE+eXAvcskf6tDpI2zz+nSlRBtqqREp4DX1M/Zt4Sg0zqIw30dh/iZabLz3R5fiinBqwqlKKetIOcTqQJN9IIBn+lgiM6PVJeNveiFuQAMqgpffVOejU9PIzp1wTaJTY2EaU2Ldk1UxmVW2EfIMAieuFZr1sR4+cVt092Fja8lbxN98aoEKCMEhJZx0R7cuNDMm2tbXe6x1AnvH5mxC49025/4+LR6T3Qh4oK57a1zM13cYJqJSevvRd+h+UpCQ3aAYUh/Iw/J2D3tcdUpyRLAhts/8UonxH745X3/tGuzJbVmjQg9SkISPLDuAiaQxjUjpXbK95jw2ueXVR927LtpivDJcxrpUHiwLSyYnH/O05ndl3g4LU6yfatvKBQ+N8WzjlpKdWYtvFjrtJ7O3DxaRnqLZxa0auQQH/RV9bT7b6JZmgInmiHjRt836sPba/5t1lS5+zPSGWhXjAplyhlE1ksuON1XtqVYh0XWOBgDafph53g07nn7oAQLL1OlsHdoG4lNA6Ndnn5VDSToWoPyQalKyeDrAnrotIoYVNuyhrdZPQGs3x63obG46zmwxS/78yLvZ07vnurz+fOpMxmMxWwZRQHS2DE7+Q4DjQOpn+AZQjcZM2D5vDoHy08Btt7TgMutUX+JiB9dPz7mhs9Oc1xedMHrrgalZL/P+39E1MUjYAZIYHVZQbCGFkDAZ4jZRHtpCM1VJMpBPQIeMSQSxZv6Yq5Fm41gimsPFVXBNxtsh18iXWscCLsey0bz4DpLYPAGJvhvqcqhMTVoZayBT3dNEnU47dCj9Zfnt8HSjunaQzi+yUMuBhm2DHANBYjkGSWUWjVD4/YPbeOOExYng9q75IScMAfkhhP4RrWFZRqAbaAKORnKVgt7f7ChnSlRUy1+S8tAYP/v5Go9UXh8NsbMA7xmVhAERQY1n6+NJDvhqsMpBITJxhkUlDDUfh5hzKVwzhA4JM1HlBy27K4VqC6IMJsKggxx9TJZwl26V86VBAFJjILBFH0+QlDVKFKLhfEySRXlkiTVk3HsNMiwTc0vMysyg32fQLn1bFqJOYf1Z0WO44DMF9zyvikjjm1GSiqN6GStJvVMZCUJ8ZCcTfnArthmIrbN0JArcefORryFMQIbFUTGXTd19mXlDiu5Kqj+xl2N71zRcGOhF1hHyFQfMi0cwQLgkd0XjmukPFhN2e+9vT7U1JvyzX33FrUsROMSHBxKtw+friJrBE5pn3A5FaccuthPEOVTk51/YulWvJQPFOCutkDqeuJ0gAcsd4rDCV3j0EBDNvz7dKpSfM/MsF8XDu+el/PpYwewk1N/tUbc8wHydKYj6/O0B6N3CwFxpMF7cISiJ67Vw4d+pTbNOoJ8Ak0Q6JTZDWJF8UlPjqOvPiuZPWsKYAcxdABEPEGZdKHIoI9VNltpYsCR6Gz70oeXU97yKolwwmu+Nssvy42LX7+XCU4L1yRqudG168CBQviW8JBiNcF4KZVibcr2OtChuDQIb/eIRTeK3ClhCzPmQ/Nq9yGqwo0XolGLV0Q0LkXQTkozNM4kR2iMntHuasPHV5xpnXDQDdI3aC0FlBhTi3fY2tsVOjTDol8nNvIfePS4zUvcWO6Gcp1FKEPSs+YuOwQDC9jO/rLbJDR937FL2uAONFTU6DqevlZV+p9C2iwacO7w3bJC3syyQbpvaOP5iPfk75U0Pny5TXebOFERZrUb7PioqmvZEa5QM0rkjl/tXBWsNhXHrjgiqjYZPC2sQ3b5VfjQpztXRLwn0dWBMjUw/M2ncIwgZMyrB/m04lHZj3wJqkbBma0i8biV7dBV45duR12Cy0HuWITmUKo5TDq36N/X3TpeTntkv/VQGbfofJ28ncYxYhCGTv9W2gdJ3GnmpxvMN0bf0m2YQZdrPWk0iZzEKsuDf/Xe/mTY6c1jrgHryGjVP1Bn6n1spUyQFLBqnLHzbcBU7iMOLxhj+Qik7A9sRVZLGmVj+b1B9nJ0Qm8Exrjyted1sfi5ACcjJv9/OgjdiENfGZhvR85f/v2crJM+W6GMoRNsCTvaQKxDeHVgz11KPU95k3b3xOBfhi9iNSnWoScH/jYtEP09qLPY8j2mv/trKw+KFSowbUxl9TiLjeg6s7guuorE1bXAKW9UjEgQDToIs7yrqvojtJFsC+NCvUwBG+/HQvZDwuAQkGnlHqIgrkrCoBydEDUaOphXyxFQQp2KZtv5C8PPoBifsP764IZaW7rNzHuUUlqirLcWkvr09kG8IiSvSSEBOISHB7ixU/M7+/5+oCk8wPeAwehHpd/Rdm+SKk7+U9d60w5eA+/b3e/YO1h2QedgJgpJ3vFAMWAWr582h8IolV0YSJduGqM0P+jC3rDPNbW8noH0kDYBnymGZRBF7kAKiQgzUBchslBC1JG6g5Gr3qFYEWtNEABjLY1+pOcEMZn+f8+gS+1OY28idvPfPW7/6lcyY60aGkwL11TpFwWtW1/4u+ogEIwYYRwvrGWyEtrtVqpAoKmYnY+ssP7oaKfqBHXbk0jgiKUjLUH1PmeKbkCLUHChAOvO8PqehQqgLqPrUZZOjv802YlR1+4Y6oGlui1Kh3wf//dyg2rygIIuktC8Z6vsl0LMIYPQe13KnWjVqgbV0w6diCu+OB9b/EgnxRGg2t4l3KWVzU35jmJIvMHbJf3oW7tS2TAO7Lx9k42I+WOvr+rLQht/qw3QUi7XUGkxAmIrgxIEaP1ciKJDFKYT3fk24N+FSwlJ4HaI/yJ3f39FNgAaKqkslwK9/ZvIIL03XTeeuBvqsqshey/0X/6eGorgK7OB8NSLu8P05a4jGO4qjSvk05HZrKKr+eRlDZpJhHN+CJ04Upy0qRBbCOTyuZzKWzVhETDWzq/jW/Vwp3G/S+xmWHn/ZrkYgxC2AxFLVIdLBu0t7NZP0HClmktlUTekmib+2+1lG7Bb3Uzsm2QnBu1vu5Su6Imztx5UxUplJRt+/TjloLUx6agyqJ0Ha90WeRzKpO7DK1IBYCf4m0UhCPV9C2QjD0t++y7zQ0jEthr2jmPkAqfaGbp8U5YDCdYvT6JFPt1y/5R60E/Sc86DIx76+M5U/b3WEp9FhRJGASRbLFX5qvtzozkzAVHtXy+SPqH+FjrJVvl3D7mXKMxLRXyNGLhdF0GpIIBTzCCAUugAwIBF6KCAUIEggE+aMektptmdbefuTJgMmeZu6SCpWf4cF2DDpJA97PKW2PAeMC37k+VAkmJZ9Chl+7g+hp9fqP73aPFhb6zWhB2ek8UsqToU0oVEwbPfcbnjsOipgXghvXISryd/jNIhj0FspGzEWdaeSvA8ZBaLFsWD5KlcrvcOxCOCOmqY0SeVQOyciiknqmEmyYYkZs2YkkFbY7z5JOlovh/5n81Q6q3e8xzInOjCdGsYMCSksZobubWTFvswcq4vXtTgJT13PyetqLb8ov1tcisk44BHpUqLrByzE4PEJbDmQKB17JTE7MU4PdJAV7l0ZvlH/W+egafYO+L2SbExHwCzAUZT+FpXhgxjuJUhi2ai+fygfY0af7+VSxYuSG/nf+PD8T2LnFQKVLvL6nVI8zjTz7vVWp910n6LKbo73gIx6opxLf6

Response:

WWW-Authenticate:Negotiate oYGyMIGvoAMKAQChCwYJKoZIgvcSAQICooGaBIGXYIGUBgkqhkiG9xIBAgICAG+BhDCBgaADAgEFoQMCAQ+idTBzoAMCAReibARqnIjb09db20DFhrBbWtyaVv5+4yruJCmNih8TYwUydJSU3jSGSCKYbGx8wLvNaag4XlGUw4DxZo2Nvyl24vj6YayMVlbUW1iSKXg4erhCDOJ71CnaR7u5fwMCI44GXu81ChWblMCpwPWfVA==

@Lukasa
Copy link
Member

Lukasa commented Apr 7, 2014

Ah, sorry, I wanted the NTLM challenge.

What I'm getting at is that I suspect there was some invalid base64 character sitting around, and I want to try to find it.

@ibigpapa
Copy link
Author

ibigpapa commented Apr 7, 2014

Do i need to do a packet capture to gather that? I don't see a challenge listed in the headers from chrome developer tools by tracking network.

@ibigpapa ibigpapa closed this as completed Apr 7, 2014
@ibigpapa ibigpapa reopened this Apr 7, 2014
@ibigpapa
Copy link
Author

ibigpapa commented Apr 7, 2014

Accidentally closed

@Lukasa
Copy link
Member

Lukasa commented Apr 7, 2014

A packet capture would probably help, yes.

@ibigpapa
Copy link
Author

ibigpapa commented Apr 7, 2014

Ok here's the packet capture it does look like it stops on the challenge from the server when it errors as that ended the communication with the server.
Frame # 3510 is initial outgoing get
Frame # 3523 is response saying use ntlm
Frame # 3532 is negotiate Out
Frame # 3533 is challeng in

Sorry if the redaction causes problems If full info needed I can work with you via a private form.

No.     Time        Source                Destination           Protocol Length Info
   3510 15.973547   10.14.177.31          1.1.1.1       HTTP     288    GET  http://redacted.redacted.com/sites/RedactedServerLab/default.aspx HTTP/1.1 

Frame 3510: 288 bytes on wire (2304 bits), 288 bytes captured (2304 bits)
Ethernet II, Src: Vmware_90:53:be (00:50:56:90:53:be), Dst: IntelCor_37:1a:6f (00:15:17:37:1a:6f)
Internet Protocol Version 4, Src: 10.14.177.31 (10.14.177.31), Dst: 1.1.1.1 (1.1.1.1)
Transmission Control Protocol, Src Port: 45733 (45733), Dst Port: http (80), Seq: 1, Ack: 1, Len: 222
    Source port: 45733 (45733)
    Destination port: http (80)
    [Stream index: 7]
    Sequence number: 1    (relative sequence number)
    [Next sequence number: 223    (relative sequence number)]
    Acknowledgment number: 1    (relative ack number)
    Header length: 32 bytes
    Flags: 0x018 (PSH, ACK)
    Window size value: 115
    [Calculated window size: 14720]
    [Window size scaling factor: 128]
    Checksum: 0x2540 [validation disabled]
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
    [SEQ/ACK analysis]
Hypertext Transfer Protocol
    GET  http://redacted.redacted.com/sites/RedactedServerLab/default.aspx HTTP/1.1\r\n
        [Expert Info (Chat/Sequence): GET  http://redacted.redacted.com/sites/RedactedServerLab/default.aspx HTTP/1.1\r\n]
        Request Method: GET
        Request URI:  http://redacted.redacted.com/sites/RedactedServerLab/default.aspx
        Request Version: HTTP/1.1
    Host: redacted.redacted.com\r\n
    Accept-Encoding: gzip, deflate, compress\r\n
    Accept: */*\r\n
    User-Agent: python-requests/2.2.1 CPython/2.6.6 Linux/2.6.32-431.el6.x86_64\r\n
    \r\n
    [Full request URI: http://redacted.redacted.com http://redacted.redacted.com/sites/RedactedServerLab/default.aspx]
    [HTTP request 1/1]
    [Response in frame: 3523]

No.     Time        Source                Destination           Protocol Length Info
   3523 15.994903   1.1.1.1       10.14.177.31          HTTP     511    HTTP/1.1 401 Unauthorized 

Frame 3523: 511 bytes on wire (4088 bits), 511 bytes captured (4088 bits)
Ethernet II, Src: IntelCor_37:1a:6f (00:15:17:37:1a:6f), Dst: Vmware_90:53:be (00:50:56:90:53:be)
Internet Protocol Version 4, Src: 1.1.1.1 (1.1.1.1), Dst: 10.14.177.31 (10.14.177.31)
Transmission Control Protocol, Src Port: http (80), Dst Port: 45733 (45733), Seq: 1, Ack: 223, Len: 445
    Source port: http (80)
    Destination port: 45733 (45733)
    [Stream index: 7]
    Sequence number: 1    (relative sequence number)
    [Next sequence number: 446    (relative sequence number)]
    Acknowledgment number: 223    (relative ack number)
    Header length: 32 bytes
    Flags: 0x018 (PSH, ACK)
    Window size value: 4602
    [Calculated window size: 4602]
    [Window size scaling factor: 1]
    Checksum: 0x0dc4 [validation disabled]
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
    [SEQ/ACK analysis]
Hypertext Transfer Protocol
    HTTP/1.1 401 Unauthorized\r\n
        [Expert Info (Chat/Sequence): HTTP/1.1 401 Unauthorized\r\n]
        Request Version: HTTP/1.1
        Status Code: 401
        Response Phrase: Unauthorized
    Via: 1.1 RedactedHost\r\n
    Connection: Keep-Alive\r\n
    Proxy-Support: Session-Based-Authentication\r\n
    Connection: Proxy-Support\r\n
    Content-Length: 0\r\n
    Date: Mon, 07 Apr 2014 16:20:19 GMT\r\n
    Server: Microsoft-IIS/7.5\r\n
    SPRequestGuid: ab8198d1-b250-4a42-9862-27b4543f0ca1\r\n
    WWW-Authenticate: Negotiate\r\n
    WWW-Authenticate: NTLM\r\n
    X-Powered-By: ASP.NET\r\n
    MicrosoftSharePointTeamServices: 14.0.0.7102\r\n
    X-MS-InvokeApp: 1; RequireReadOnly\r\n
    \r\n
    [HTTP response 1/1]
    [Time since request: 0.021356000 seconds]
    [Request in frame: 3510]

No.     Time        Source                Destination           Protocol Length Info
   3532 16.012010   10.14.177.31          1.1.1.1       HTTP     442    GET  http://redacted.redacted.com/sites/RedactedServerLab/default.aspx HTTP/1.1 , NTLMSSP_NEGOTIATE

Frame 3532: 442 bytes on wire (3536 bits), 442 bytes captured (3536 bits)
Ethernet II, Src: Vmware_90:53:be (00:50:56:90:53:be), Dst: IntelCor_37:1a:6f (00:15:17:37:1a:6f)
Internet Protocol Version 4, Src: 10.14.177.31 (10.14.177.31), Dst: 1.1.1.1 (1.1.1.1)
Transmission Control Protocol, Src Port: 45734 (45734), Dst Port: http (80), Seq: 1, Ack: 1, Len: 376
    Source port: 45734 (45734)
    Destination port: http (80)
    [Stream index: 8]
    Sequence number: 1    (relative sequence number)
    [Next sequence number: 377    (relative sequence number)]
    Acknowledgment number: 1    (relative ack number)
    Header length: 32 bytes
    Flags: 0x018 (PSH, ACK)
    Window size value: 115
    [Calculated window size: 14720]
    [Window size scaling factor: 128]
    Checksum: 0x25da [validation disabled]
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
    [SEQ/ACK analysis]
Hypertext Transfer Protocol
    GET  http://redacted.redacted.com/sites/RedactedServerLab/default.aspx HTTP/1.1\r\n
        [Expert Info (Chat/Sequence): GET  http://redacted.redacted.com/sites/RedactedServerLab/default.aspx HTTP/1.1\r\n]
        Request Method: GET
        Request URI:  http://redacted.redacted.com/sites/RedactedServerLab/default.aspx
        Request Version: HTTP/1.1
    Host: redacted.redacted.com\r\n
    Connection: Keep-Alive\r\n
    Accept: */*\r\n
    Accept-Encoding: gzip, deflate, compress\r\n
    Authorization: NTLM TlRMTVNTUAABAAAAB7IIoggACABIAAAAIAAgACgAAAAFASgKAAAAD1RST1kuSEFSUklTT04uREhDUC5TQ0FOLk9LQy5FRVJDQU1FUklDQVM=\r\n
        NTLM Secure Service Provider
            NTLMSSP identifier: NTLMSSP
            NTLM Message Type: NTLMSSP_NEGOTIATE (0x00000001)
            Flags: 0xa208b207
                1... .... .... .... .... .... .... .... = Negotiate 56: Set
                .0.. .... .... .... .... .... .... .... = Negotiate Key Exchange: Not set
                ..1. .... .... .... .... .... .... .... = Negotiate 128: Set
                ...0 .... .... .... .... .... .... .... = Negotiate 0x10000000: Not set
                .... 0... .... .... .... .... .... .... = Negotiate 0x08000000: Not set
                .... .0.. .... .... .... .... .... .... = Negotiate 0x04000000: Not set
                .... ..1. .... .... .... .... .... .... = Negotiate Version: Set
                .... ...0 .... .... .... .... .... .... = Negotiate 0x01000000: Not set
                .... .... 0... .... .... .... .... .... = Negotiate Target Info: Not set
                .... .... .0.. .... .... .... .... .... = Request Non-NT Session: Not set
                .... .... ..0. .... .... .... .... .... = Negotiate 0x00200000: Not set
                .... .... ...0 .... .... .... .... .... = Negotiate Identify: Not set
                .... .... .... 1... .... .... .... .... = Negotiate Extended Security: Set
                .... .... .... .0.. .... .... .... .... = Target Type Share: Not set
                .... .... .... ..0. .... .... .... .... = Target Type Server: Not set
                .... .... .... ...0 .... .... .... .... = Target Type Domain: Not set
                .... .... .... .... 1... .... .... .... = Negotiate Always Sign: Set
                .... .... .... .... .0.. .... .... .... = Negotiate 0x00004000: Not set
                .... .... .... .... ..1. .... .... .... = Negotiate OEM Workstation Supplied: Set
                .... .... .... .... ...1 .... .... .... = Negotiate OEM Domain Supplied: Set
                .... .... .... .... .... 0... .... .... = Negotiate 0x00000800: Not set
                .... .... .... .... .... .0.. .... .... = Negotiate NT Only: Not set
                .... .... .... .... .... ..1. .... .... = Negotiate NTLM key: Set
                .... .... .... .... .... ...0 .... .... = Negotiate 0x00000100: Not set
                .... .... .... .... .... .... 0... .... = Negotiate Lan Manager Key: Not set
                .... .... .... .... .... .... .0.. .... = Negotiate Datagram: Not set
                .... .... .... .... .... .... ..0. .... = Negotiate Seal: Not set
                .... .... .... .... .... .... ...0 .... = Negotiate Sign: Not set
                .... .... .... .... .... .... .... 0... = Request 0x00000008: Not set
                .... .... .... .... .... .... .... .1.. = Request Target: Set
                .... .... .... .... .... .... .... ..1. = Negotiate OEM: Set
                .... .... .... .... .... .... .... ...1 = Negotiate UNICODE: Set
            Calling workstation domain: REDACTED
                Length: 8
                Maxlen: 8
                Offset: 72
            Calling workstation name: REDACTEDHOSTNAME
                Length: 32
                Maxlen: 32
                Offset: 40
            Version 5.1 (Build 2600); NTLM Current Revision 15
    User-Agent: python-requests/2.2.1 CPython/2.6.6 Linux/2.6.32-431.el6.x86_64\r\n
    \r\n
    [Full request URI: http://redacted.redacted.com http://redacted.redacted.com/sites/RedactedServerLab/default.aspx]
    [HTTP request 1/1]
    [Response in frame: 3533]

No.     Time        Source                Destination           Protocol Length Info
   3533 16.034461   1.1.1.1       10.14.177.31          HTTP     856    HTTP/1.1 401 Unauthorized , NTLMSSP_CHALLENGE

Frame 3533: 856 bytes on wire (6848 bits), 856 bytes captured (6848 bits)
Ethernet II, Src: IntelCor_37:1a:6f (00:15:17:37:1a:6f), Dst: Vmware_90:53:be (00:50:56:90:53:be)
Internet Protocol Version 4, Src: 1.1.1.1 (1.1.1.1), Dst: 10.14.177.31 (10.14.177.31)
Transmission Control Protocol, Src Port: http (80), Dst Port: 45734 (45734), Seq: 1, Ack: 377, Len: 790
    Source port: http (80)
    Destination port: 45734 (45734)
    [Stream index: 8]
    Sequence number: 1    (relative sequence number)
    [Next sequence number: 791    (relative sequence number)]
    Acknowledgment number: 377    (relative ack number)
    Header length: 32 bytes
    Flags: 0x018 (PSH, ACK)
    Window size value: 4756
    [Calculated window size: 4756]
    [Window size scaling factor: 1]
    Checksum: 0x1fc3 [validation disabled]
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
    [SEQ/ACK analysis]
Hypertext Transfer Protocol
    HTTP/1.1 401 Unauthorized\r\n
        [Expert Info (Chat/Sequence): HTTP/1.1 401 Unauthorized\r\n]
        Request Version: HTTP/1.1
        Status Code: 401
        Response Phrase: Unauthorized
    Via: 1.1 REDACTEDSERVER\r\n
    Connection: Keep-Alive\r\n
    Proxy-Support: Session-Based-Authentication\r\n
    Connection: Proxy-Support\r\n
    Content-Length: 0\r\n
    Date: Mon, 07 Apr 2014 16:20:17 GMT\r\n
    Server: Microsoft-IIS/7.5\r\n
    SPRequestGuid: b9075de8-2410-489d-910d-02eda4908337\r\n
    [truncated] WWW-Authenticate: NTLM TlRMTVNTUAACAAAAEAAQADgAAAAFgomio4DbB+7lxdQAAAAAAAAAALoAugBIAAAABgGxHQAAAA9BAE0ARQBSAEkAQwBBAFMAAgAQAEEATQBFAFIASQBDAEEAUwABABwAQQBVAFMAUABXAEMAUwBGAFAAQwAxADcAMQA1AAQAGgBhAG0AZQByAC4AZABlAGwAbAAuAGMAbwBt
        NTLM Secure Service Provider
            NTLMSSP identifier: NTLMSSP
            NTLM Message Type: NTLMSSP_CHALLENGE (0x00000002)
            Target Name: AMERICAS
                Length: 16
                Maxlen: 16
                Offset: 56
            Flags: 0xa2898205
                1... .... .... .... .... .... .... .... = Negotiate 56: Set
                .0.. .... .... .... .... .... .... .... = Negotiate Key Exchange: Not set
                ..1. .... .... .... .... .... .... .... = Negotiate 128: Set
                ...0 .... .... .... .... .... .... .... = Negotiate 0x10000000: Not set
                .... 0... .... .... .... .... .... .... = Negotiate 0x08000000: Not set
                .... .0.. .... .... .... .... .... .... = Negotiate 0x04000000: Not set
                .... ..1. .... .... .... .... .... .... = Negotiate Version: Set
                .... ...0 .... .... .... .... .... .... = Negotiate 0x01000000: Not set
                .... .... 1... .... .... .... .... .... = Negotiate Target Info: Set
                .... .... .0.. .... .... .... .... .... = Request Non-NT Session: Not set
                .... .... ..0. .... .... .... .... .... = Negotiate 0x00200000: Not set
                .... .... ...0 .... .... .... .... .... = Negotiate Identify: Not set
                .... .... .... 1... .... .... .... .... = Negotiate Extended Security: Set
                .... .... .... .0.. .... .... .... .... = Target Type Share: Not set
                .... .... .... ..0. .... .... .... .... = Target Type Server: Not set
                .... .... .... ...1 .... .... .... .... = Target Type Domain: Set
                .... .... .... .... 1... .... .... .... = Negotiate Always Sign: Set
                .... .... .... .... .0.. .... .... .... = Negotiate 0x00004000: Not set
                .... .... .... .... ..0. .... .... .... = Negotiate OEM Workstation Supplied: Not set
                .... .... .... .... ...0 .... .... .... = Negotiate OEM Domain Supplied: Not set
                .... .... .... .... .... 0... .... .... = Negotiate 0x00000800: Not set
                .... .... .... .... .... .0.. .... .... = Negotiate NT Only: Not set
                .... .... .... .... .... ..1. .... .... = Negotiate NTLM key: Set
                .... .... .... .... .... ...0 .... .... = Negotiate 0x00000100: Not set
                .... .... .... .... .... .... 0... .... = Negotiate Lan Manager Key: Not set
                .... .... .... .... .... .... .0.. .... = Negotiate Datagram: Not set
                .... .... .... .... .... .... ..0. .... = Negotiate Seal: Not set
                .... .... .... .... .... .... ...0 .... = Negotiate Sign: Not set
                .... .... .... .... .... .... .... 0... = Request 0x00000008: Not set
                .... .... .... .... .... .... .... .1.. = Request Target: Set
                .... .... .... .... .... .... .... ..0. = Negotiate OEM: Not set
                .... .... .... .... .... .... .... ...1 = Negotiate UNICODE: Set
            NTLM Server Challenge: a380db07eee5c5d4
            Reserved: 0000000000000000
            Target Info
            Version 6.1 (Build 7601); NTLM Current Revision 15
    WWW-Authenticate: Negotiate\r\n
    X-Powered-By: ASP.NET\r\n
    MicrosoftSharePointTeamServices: 14.0.0.7102\r\n
    X-MS-InvokeApp: 1; RequireReadOnly\r\n
    \r\n
    [HTTP response 1/1]
    [Time since request: 0.022451000 seconds]
    [Request in frame: 3532]

@Lukasa
Copy link
Member

Lukasa commented Apr 7, 2014

Hmm, I don't see anything obviously wrong with that. I'm a little concerned that the Negotiate challenge is still present, but I don't think that could be causing this bug.

@ibigpapa
Copy link
Author

ibigpapa commented Apr 7, 2014

Hrmm are there built-in debug commands or do I need to go in and add them to further trace ?

@Lukasa
Copy link
Member

Lukasa commented Apr 7, 2014

The place we really want diags from is python-ntlm. I genuinely have no idea what diags they have.

@ibigpapa
Copy link
Author

ibigpapa commented Apr 7, 2014

Looks like there might be a fixhttps://code.google.com/p/python-ntlm/issues/detail?id=17&q=padding. Have to get the non Repo version

@Lukasa
Copy link
Member

Lukasa commented Apr 7, 2014

Try updating locally in your system and see what you can find. =)

@ibigpapa
Copy link
Author

ibigpapa commented Apr 8, 2014

I attempted to do so and no change. I'm posting on that issue for Python-Ntlm to make sure i did it right and verify or continue to work with them. I'll revert in the event they say all is good.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ibigpapa @Lukasa