I am working with microsoft bot emulator and everytime I make a request to an external link my office proxy blocks it and application returns 407 error. To work around this I tried following hacks.
Hack #1:
Used fiddler 4 with auto authenticate rule enabled. But I found it doesn't work for ntlm proxy.
I also found that the request which are completing with 200 status code has a proxy-authorization header with some encoded content. but I don't know how to set this header for all the requests.
Hack #2:
Installed and ran a cntlm proxy, still same error.
I am using Micosoft bot framework 4 with dotnet core and bot emulator 4.10, Os: windows 7
Please help let me know if I can somehow make it work around ntlm proxy.
Looks like the office network is very restricted when it comes to network access.
May be you should better talk to your IT department if you can't get a PC that is located in a different subnet that is less restrictive. Or if you are lucky the change the configuration for your PC so that you can access the required servers without proxy.
Related
I'm using BurpSuite to intercept the HTTP/HTTPS requests sent when logging in on https://www.nike.com/. I'm trying to achieve this with the following step:
Opening BurpSuite and Firefox
Turning on the proxy intercept
Turning on FoxyProxy on Firefox
Opening the website and trying to logging
These steps usually work for me, but in this case, I'm getting a "we are unable to connect to our servers" error without anything appearing on the intercept tab when trying to logging (I have tried turning off the intercept feature but it still yields the same issue, so I think it might be a proxy and certificate problem).
To clear things up:
I'm running the latest versions of BurpSuite and FireFox.
I have installed and reinstalled the BurpSuite certificate using this guide.
I've tried all of this on my iMac, MacBook and iPhone all of these devices yield the same issue
Here bellow is the error message I'm getting:
Here are my BurpSuite Proxy setting:
(in the Certificate tab I just have Generate CA-signed per-host certificates selected)
I have been using BurpSuite for over 2 years now and it's the first time I'm facing such an issue, any help is appreciated
I have shared my question with the Portswigger support (the team behind BurpSuite) and got the following response:
Hi
Thanks for your message.
We have reproduced the issue in our testing environment.
It looks like Nike.com are performing a fairly sophisticated check to
stop automated tool from accessing parts of their site.
Please let us know if you need any further assistance.
Cheers
Liam Tai-Hogan
PortSwigger Web Security
I am working with a self-hosted servicestack webservice on a Windows 10 machine and I am trying to enable https on it. What I have done so far is this:
1) I have created a wildcard cert using our companies cert server and exported it with the private key.
2) I have installed the cert on my dev machines' "LocalMachine/Personal" cert store.
3) I have run the following commands from the command line:
netsh http add sslcert ipport=0.0.0.0:{DefaultConfig.DefaultSslPort} certhash={sha1} appid={{{appId}}}
netsh http add urlacl url=https://+:{DefaultConfig.DefaultSslPort}/ user=everyone
4) I added the following to my Program.cs
var listeningOn = $"http://*:{DefaultConfig.DefaultPort}/";
appHost.Start(new[]{ listeningOn, $"https://*:{DefaultConfig.DefaultSslPort}/" });
Now when I launch the project, the http binding works no problem the webservice loads and works as expected. However when I try the https binding, the browser shows that a connection was made and the cert is valid (green lock appears and network traffic shows connection succeeding) however the server responds with:
HTTP Error 503. The service is unavailable.
Clearly it is available (as the Http binding proves) but there is some disconnect between windows and servicestack and I don't really know where to look for answers on this. I have tried a bunch of search phrases but they all seem to tell me to check/do what I have already checked/done or the results are specific to a particular application/framework/OS and have not been helpful.
Ok, so counter to MANY MANY MANY posts out there, you should NOT reserve the url using:
netsh http add urlacl url=https://+:{DefaultConfig.DefaultSslPort}/ user=everyone
When self-hosting with ServiceStack. I don't know why (if you know why, feel free to post a comment) but this makes windows unable to pass the https request down to your self-hosted site. I checked this by downloading ServiceStack source code and put a break point on the connection callback that is the entry point for any incoming connections. The breakpoint is never hit, therefore the request never gets to Servicestack.
Once I removed the URL reservation, everything worked fine.
I have a C++ Windows application, developed using Visual studio 2017 on windows 10 system. This application uses cpprestsdk to post request to REST Server. My application works perfectly fine on windows 10 machine with properly posting request over ssl to rest server. I did not create any local certificate to make my application work on windows 10.
However same application when ported on windows 7 (64 bit), is not able to POST request with SSL protocol to rest server.
Same request works without SSL, (http://HOST/API works)
but (https://host/api fails)
by giving following error.
winhttpsendrequest 12029 a connection with the server could not be established.
From same windows 7, PostMan can successfully post https request.
No clue of what could be wrong with the implementation.
Can any one share what could be the reason of failing the POST request on windows 7?
I'm a bit late with the answer but I hope that it might help others who face the same problem ...
I think that your server insists on using tls version higher than 1.0 which is a default on Windows 7. Unfortunately cpprestsdk cannot be configured to use a specific tls version. On Windows cpprestsdk uses WinHTTP which exposes two handles but only one of them can be used to configure tls (I do not remember handle names at the moment). Unfortunately the native handle that cpprestsdk has access to cannot be used to configure tls.
The only workaround is to configure Windows 7 (and indirectly WinHTTP) to use a specific tls version as default. Instructions on how to do that can be found here: https://support.microsoft.com/en-ca/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-wi.
Hello I'd like to do https calls from my node.js website running under windows azure emulator but I am not sure how to go about enabling ssl using IIS Express ?
Has anybody got any ideas? I've read and tried implementing different ideas but none seem to work for e.g.
https://tootallnate.net/setting-up-free-ssl-on-your-node-server
I am creating a Facebook app which requires me to do some https calls to the graph etc, but IIS Express crashes each time if it encounters warning messages etc and the call never makes it through.
Anyone got a simple self-signed certificate working within emulator that they can share on how they did it?
There's a difference between making outgoing calls using SSL from your service (for example, using facebook) versus accepting incoming ssl calls (for example, from the browser). If you're making outgoing calls, standard node libraries should work and you'll just need a .pem certificate included in your app to use most of them. If you're accepting https calls on the server, then iis (express) takes care of certificates and your server can treat the incoming call as http
I am just curious - did anyone got Fiddler to work with Windows Phone 7 emulator (RTW build)? When I try working with Fiddler, I am getting a WebException when working with HttpWebRequest insances - NotFound, to be specific. WireShark works fine.
The problem I see here is that Fiddler acts as a proxy and the WP7 application I am using doesn't go through a proxy to pass the request, while WireShark works differently - it doesn't directly pass traffic through it.
There was a similar question here but in my case I would like to override the proxy settings so that the WP7 application will connect to http:/127.0.0.1:8888 as the proxy address. Since WP7 tools are based on Silverlight, is it possible to direct a HttpWebRequest to a proxy first?
EDIT: On this page (Fiddler documentation) it is stated that XDE (Windows Phone 7 emulator) should automatically pick up system proxy settings, but for some reason it seems like it doesn't.
As a temporary workaround for this, you can set Fiddler as a reverse proxy. The process is described here. I used the second option by creating a rule.
NOTE: You have to set the initial host (in the if statement) to the Fiddler proxy location (since the WP7 emulator can see the proxy address). The second URL is the address you want to redirect to.
It will now capture traffic from Windows Phone 7 emulator, although it will still skip some things (like downloaded images), so use this method for testing purposes only.
Here's the very simple solution that worked for me: Link