Thursday, 13 February 2014

Configure sqlmap with burp suite proxy [ NTLM Authentication ]

Some web application needs NTLM authentication, especially .NET, and testing for SQL Injections becomes very important in such critical applications.

In Backtrack, if we want to test for SQL Injection using SQLMap it needs "python-NTLM" in order to test such applications.

You can find python-ntlm information : 

But what if we can do our testing without this library??? Guess how...??? ...Answer is through Burp-suite...

Configure Burp for NTLM Authentication

Configure SQLMap to use Burp Proxy

Now your SQLMap will attack on your web application through Burp suite which is already taking care of NTLM Authentication :)

1 comment: