From effc7dc41c2547d858e54e2cfafc015cd152caa7 Mon Sep 17 00:00:00 2001
From: Bernardo Damele <bernardo.damele@gmail.com>
Date: Wed, 7 Apr 2010 09:47:14 +0000
Subject: [PATCH] Minor adjustment to notify the user that the --auth-cred
 format for NTLM authentication is "DOMAIN\user:password"

---
 lib/core/option.py | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/lib/core/option.py b/lib/core/option.py
index 1292e75b2..329c0773f 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -574,21 +574,27 @@ def __setHTTPAuthentication():
     if not conf.aCert:
         debugMsg = "setting the HTTP authentication type and credentials"
         logger.debug(debugMsg)
-    
+
         aTypeLower = conf.aType.lower()
-    
+
         if aTypeLower not in ( "basic", "digest", "ntlm" ):
             errMsg  = "HTTP authentication type value must be "
             errMsg += "Basic, Digest or NTLM"
             raise sqlmapSyntaxException, errMsg
-    
-        aCredRegExp = re.search("^(.*?)\:(.*?)$", conf.aCred)
-    
+        elif aTypeLower in ( "basic", "digest" ):
+            regExp = "^(.*?):(.*?)$"
+            errMsg  = "HTTP %s authentication credentials " % aTypeLower
+            errMsg += "value must be in format username:password"
+        elif aTypeLower == "ntlm":
+            regExp = "^(.*?)\\\(.*?):(.*?)$"
+            errMsg  = "HTTP NTLM authentication credentials value must "
+            errMsg += "be in format DOMAIN\username:password"
+
+        aCredRegExp = re.search(regExp, conf.aCred)
+
         if not aCredRegExp:
-            errMsg  = "HTTP authentication credentials value must be "
-            errMsg += "in format username:password"
             raise sqlmapSyntaxException, errMsg
-    
+
         authUsername = aCredRegExp.group(1)
         authPassword = aCredRegExp.group(2)