[New Tool] GSSAPI-Proxy Beta HTTP Proxy for Windows
![[New Tool] GSSAPI-Proxy Beta HTTP Proxy for Windows](https://toolswatch.org/wp-content/uploads/2014/09/logo_GitHub.jpg){kind=logo}
Gssapi-proxy is a HTTP Proxy for Windows that uses running user’s kerberos login to respond to kerberos/GSSAPI challenges (401/Www-Authenticate) on behalf of the client. This allows using HTTP pentesting tools that do not implement kerberos/GSSAPI support against services that require authentication.
The built staticly linked application is also easy to inject (for instance Metasploit “upload”) for remotely exploiting user’s login information. This may sometimes be preferred to steal-the-ticket attacks because the approach is simpler when the goal is to access kerberos/GSSAPI secured HTTP targets.
Tested on Windows 8.1 (32-bit), with Heimdal KDC and MIT’s implementation of GSSAPI libraries at the other end. Should run on Windows 2000+, and might fall back to NTLM if building kerberos context fails.
[button size=large style=round color=red align=none url=https://github.com/mikkolehtisalo/gssapi-proxy]Download GSSAPI-Proxy Beta[/button]
Thanks to Mikko Lehtisalo, for sharing this tool with us. 😉
