Minor adjustment to notify the user that the --auth-cred format for NTLM authentication is "DOMAIN\user:password"

2025-01-24 08:14:24 +03:00 · 2010-04-07 09:47:14 +00:00 · 2010-04-07 09:47:14 +00:00 · effc7dc41c
commit effc7dc41c
parent 652daa616e
1 changed files with 14 additions and 8 deletions
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -574,21 +574,27 @@ def __setHTTPAuthentication():
    if not conf.aCert:
        debugMsg = "setting the HTTP authentication type and credentials"
        logger.debug(debugMsg)
-    
+
        aTypeLower = conf.aType.lower()
-    
+
        if aTypeLower not in ( "basic", "digest", "ntlm" ):
            errMsg  = "HTTP authentication type value must be "
            errMsg += "Basic, Digest or NTLM"
            raise sqlmapSyntaxException, errMsg
-    
-        aCredRegExp = re.search("^(.*?)\:(.*?)$", conf.aCred)
-    
+        elif aTypeLower in ( "basic", "digest" ):
+            regExp = "^(.*?):(.*?)$"
+            errMsg  = "HTTP %s authentication credentials " % aTypeLower
+            errMsg += "value must be in format username:password"
+        elif aTypeLower == "ntlm":
+            regExp = "^(.*?)\\\(.*?):(.*?)$"
+            errMsg  = "HTTP NTLM authentication credentials value must "
+            errMsg += "be in format DOMAIN\username:password"
+
+        aCredRegExp = re.search(regExp, conf.aCred)
+
        if not aCredRegExp:
-            errMsg  = "HTTP authentication credentials value must be "
-            errMsg += "in format username:password"
            raise sqlmapSyntaxException, errMsg
-    
+
        authUsername = aCredRegExp.group(1)
        authPassword = aCredRegExp.group(2)