search

genotrance / px

An HTTP proxy server to automatically authenticate through an NTLM proxy
MIT License
952 stars 98 forks source link

Force Authentication #104

Closed Ka0o0 closed 2 years ago

Ka0o0 commented 4 years ago

Hi,

I'm trying to setup a proxy gateway on my windows host to allow my docker containers to communicate to the internet through our company firewall.

From what I understand is that our company employs NTLM Authentication. At least, when I open Chrome, it Downloads a Proxy Configuration Script and then doesn't ask me anymore about my credentials.

Therefore I tried to start px with the following options:

.\px.exe --debug --hostonly --gateway --allow=172.*.*.* --foreground --auth=ntlm

While HTTP sites work okay, HTTPS requests are not working. My container always receive a HTTP 444 Status Code, as if the website wouldn't provide any data.

PX logs the following:

MainProcess: Thread_0: 1586506565: do_socket: Sending Host: itstillworks.com
MainProcess: Thread_0: 1586506565: do_socket: Sending User-Agent: Wget
MainProcess: Thread_0: 1586506565: do_socket: Sending extra Proxy-Authorization: sanitized len(7749)
MainProcess: Thread_0: 1586506565: do_socket: Sending extra b'Connection: Keep-Alive'
MainProcess: Thread_0: 1586506565: do_socket: Reading response code
MainProcess: Thread_0: 1586506565: do_socket: Bad response b''
MainProcess: Thread_0: 1586506565: do_socket: Client closed connection
MainProcess: Thread_0: 1586506565: do_transaction: No auth required cached
MainProcess: Thread_0: 1586506565: do_GET: Error 444
MainProcess: Thread_0: 1586506565: fwd_resp: Entering
MainProcess: Thread_0: 1586506565: log_message: "GET https://itstillworks.com/ HTTP/1.1" 444 -
MainProcess: Thread_0: 1586506565: fwd_data: Reading response data
MainProcess: Thread_0: 1586506565: fwd_resp: Done
MainProcess: Thread_0: 1586506565: do_GET: Done

I'm unable to properly interpret these lines, but it seems that PX doesn't try to authenticate, as No auth required cached is printed. So I guess that our firewall is configured in a way that it doesn't report applications that they are behind a firewall (security through obscurity).

But I would be interested in what you think. Thanks a lot. BR Kai

genotrance commented 2 years ago

Can you please retry and see if you still see this issue?

Ka0o0 commented 2 years ago

Hi, I'm no longer using PX, so I'm going to close this issue.