AnsweredAssumed Answered

Web Server Uses Plain-Text Form Based Authentication

Question asked by vul_tester_007 on Feb 17, 2014
Latest reply on Feb 17, 2014 by vul_tester_007
I get the message below. Port 80 forwards to a IIS server on an exchange server with OWA. I've done tests with telnet and the exact Get/Host statements but I get an IIS error page. I've also searched the entire server for login.html and came up empty handed. What gives with this warning and how come I cannot replicate the scan results by hand?
=============
GET /login.html HTTP/1.0
Host:  *********:100
<form
action="mlogin.get" method="get" name="form1">
<label>
<div
align="center">
<script language="JavaScript" type="text/javascript"
src="md5.js"></script>
Account<br>
<input name="account"
type="text" id="account" maxlength="36">
<br>
Password
<br>
<input name="passwd" type="password" id="passwd"
maxlength="36">
<br>
<input name="key" type="hidden"
id="key">
<script language="JavaScript"
type="text/javascript">
var idx =
location.href.search("key");
document.form1.key.value =
location.href.substring(idx+4);
</script>
<input name="Submit"
type="submit" value="Login"
onClick="document.form1.passwd.value =
hmac_digest(document.form1.key.value,
document.form1.passwd.value)">
</div>
</label>
</form>

Outcomes