Professional Documents
Culture Documents
011 HTTP Digest Auth Hashing
011 HTTP Digest Auth Hashing
Applica+on Pentes+ng
Vivek
Ramachandran
SWSE,
SMFE,
SPSE,
SISE,
SLAE,
SGDE
Course
Instructor
Cer+fica+ons:
hGp://www.securitytube-‐training.com
Pentester
Academy:
hGp://www.PentesterAcademy.com
©SecurityTube.net
HTTP
Digest
Authen+ca+on
Hashing
Time!
(RFC
2069)
©SecurityTube.net
Response
Calcula+on
(RFC
2069)
Hash1 = MD5(Username:Realm:Password)
Hash2 = MD5(method:URI)
Response = MD5(Hash1:Nonce:Hash2)
©SecurityTube.net
Hash1
Calcula+on
Hash1 = MD5(Username:Realm:Password)
©SecurityTube.net
Hash2
Calcula+on
Hash2 = MD5(method:URI)
©SecurityTube.net
Response
Calcula+on
Response = MD5(Hash1:Nonce:Hash2)
©SecurityTube.net