////目前90%以上的数据库注入或者其他web扫描工具都不支持域认证#include "stdlib.h"
#include "stdio.h"
#include "atlhttp.h"
class AuthData:public IAuthInfo
{
public:
char pass[32];
char user[32];
char domain[32];
AuthData(char *p,char *u,char *d){strcpy(pass,p);strcpy(user,u);strcpy(domain,d);}
HRESULT GetPassword(__out_ecount_part_z_opt(*pdwBuffSize, *pdwBuffSize) LPTSTR szPwd, __inout DWORD *pdwBuffSize)
{
strcpy(szPwd,pass);
*pdwBuffSize = strlen(pass);
return 0;
}
HRESULT GetUsername(__out_ecount_part_z_opt(*pdwBuffSize, *pdwBuffSize) LPTSTR szUid, __inout DWORD *pdwBuffSize)
{
strcpy(szUid,user);
*pdwBuffSize =strlen(user);
return 0;
}
HRESULT GetDomain(__out_ecount_part_z_opt(*pdwBuffSize, *pdwBuffSize) LPTSTR szDomain, __inout DWORD *pdwBuffSize)
{
strcpy(szDomain,domain);
*pdwBuffSize =strlen(szDomain);
return 0;
}
};
void main()
{
CAtlHttpClient * client;
CAtlNavigateData navData;
client = new CAtlHttpClient;
CNTLMAuthObject ntlmAuth;
AuthData auth_data("pass@","user","domain");
client->AddAuthObj( _T("NTLM"), &ntlmAuth,&auth_data );
if (client->Navigate("http://www.2cto.com/sec.ASPX", &navData ))
{
}
delete client;
}