Professional Documents
Culture Documents
010 HTTP Digest Authentication RFC 2069
010 HTTP Digest Authentication RFC 2069
Applica+on Pentes+ng
Vivek
Ramachandran
SWSE,
SMFE,
SPSE,
SISE,
SLAE,
SGDE
Course
Instructor
Cer+ca+ons:
hGp://www.securitytube-training.com
Pentester
Academy:
hGp://www.PentesterAcademy.com
SecurityTube.net
HTTP
Digest
Authen+ca+on
RFC
2069
SecurityTube.net
HTTP
Digest
Authen+ca+on
hGp://en.wikipedia.org/wiki/Digest_access_authen+ca+on
SecurityTube.net
Ini+al
Version
RFC
2069
Source: hGp://tools.ie[.org/html/rfc2069
SecurityTube.net
Response
Calcula+on
Hash1 = MD5(Username:Realm:Password)
Hash2 = MD5(method:URI)
Hash2 = MD5(GET:/lab/webapp/digest2/1)
SecurityTube.net
Response
Calcula+on
Hash1 = MD5(Username:Realm:Password)
Hash2 = MD5(method:URI)
Response = MD5(Hash1:Nonce:Hash2)
SecurityTube.net
Wireshark
SecurityTube.net