Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

cntlm proxy with phantomjs

I'm trying to use the cntlm proxy on my windows machine to talk to a local web application on IIS that uses Windows Authentication from PhantomJS. To create the proxy, I'm doing: cntlm -v -u username@domain -p password -l 1456 localhost:80

My app lives at localhost/myapp

To test whether or not this works, I try to browse to localhost:1456/myapp but I always get an auth challenge and no sensible username/password combination seems to work. Any thoughts on why this setup might not be working as expected?

When I hit the proxied endpoint in a browser, this is the output from cntlm:

http://pastebin.com/xvvmfsGV

like image 408
itslittlejohn Avatar asked Jul 03 '15 14:07

itslittlejohn


1 Answers

After wrestling with the concept for a while I finally figured out how to get this set up.

After installing cntlm, I ran the following from a command prompt:

"c:\Program Files (x86)\Cntlm\cntlm.exe" -u <user_name> -d <domain_name> -H

This asks for your password and spits out three hashes to use in the configuration file.

I whittled down the required configuration in cntlm.ini to:

Username    <user_name>
Domain      <domain_name>

PassLM          <LM_hash>
PassNT          <NT_hash>
PassNTLMv2      <NTLMv2_hash>

Proxy       192.168.7.1:80 #random proxy
NoProxy *

Listen      3133 # unused port

cntlm forces your to specify a top-level proxy even if you don't need one or have one, so any valid number for that option will do. Setting NoProxy to * ensures that any request never gets passed on to the bogus proxy specified.

Run "c:\Program Files (x86)\Cntlm\cntlm.exe" -f in a console to verify that everything is working. Otherwise, start and stop it as a service.

To test with phantomjs I used the following script:

var page = require('webpage').create();

page.open('http://<machine_name>/myapp', function(status) {
  console.log("Status: " + status);
  if(status === "success") {
    page.render('example.png');
  }
  phantom.exit();
});

<machine_name> cannot be localhost because phantomjs bypasses proxies when the host is localhost, so use your machine name or ip address instead.

To run it: phantomjs --proxy=localhost:3133 test.js

like image 173
itslittlejohn Avatar answered Sep 25 '22 15:09

itslittlejohn