Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- External Connection (client POST Only) :
- 1°) POST /global-protect/prelogin.esp?kerberos-support=yes&tmp=tmp&clientVer=4100&host-id=[removed]&clientos=Windows&os-version=Microsoft+Windows+10+Enterprise+2016+LTSB+%2c+64-bit&ipv6-support=yes
- 2°) POST /global-protect/getconfig.esp HTTP/1.1 (application/x-www-form-urlencoded)
- HTML Form URL Encoded: application/x-www-form-urlencoded
- Form item: "user" = "[username]"
- Form item: "passwd" = ""
- Form item: "inputStr" = ""
- Form item: "ok" = "Login"
- Form item: "clientVer" = "4100"
- Form item: "portal-userauthcookie" = "empty"
- Form item: "portal-prelogonuserauthcookie" = "empty"
- Form item: "clientos" = "Windows"
- Form item: "clientgpversion" = "4.0.8-4"
- Form item: "computer" = "[computername]"
- Form item: "os-version" = "Microsoft Windows 10 Enterprise 2016 LTSB , 64-bit"
- Form item: "host-id" = "fc100246-1a04-4b7a-be02-e94d8285ac3d"
- Form item: "prelogin-cookie" = ""
- Form item: "ipv6-support"
- 3°) POST /ssl-vpn/prelogin.esp?kerberos-support=yes&tmp=tmp&clientVer=4100&host-id=fc100246-1a04-4b7a-be02-e94d8285ac3d&clientos=Windows&os-version=Microsoft+Windows+10+Enterprise+2016+LTSB+%2c+64-bit&ipv6-support=yes
- 4°) POST /ssl-vpn/login.esp HTTP/1.1 (application/x-www-form-urlencoded)
- HTML Form URL Encoded: application/x-www-form-urlencoded
- Form item: "prot" = "https:"
- Form item: "server" = "[external_gw_ip]"
- Form item: "inputStr" = ""
- Form item: "jnlpReady" = "jnlpReady"
- Form item: "user" = "[username]"
- Form item: "passwd" = ""
- Form item: "computer" = "[computername]"
- Form item: "ok" = "Login"
- Form item: "direct" = "yes"
- Form item: "clientVer" = "4100"
- Form item: "os-version" = "Microsoft Windows 10 Enterprise 2016 LTSB , 64-bit"
- Form item: "preferred-ip" = "[clientvpnip]"
- Form item: "preferred-ipv6" = ""
- Form item: "clientos" = "Windows"
- Form item: "clientgpversion" = "4.0.8-4"
- Form item: "portal-userauthcookie" = "empty"
- Form item: "portal-prelogonuserauthcookie" = "empty"
- Form item: "host-id" = "fc100246-1a04-4b7a-be02-e94d8285ac3d"
- Form item: "prelogin-cookie" = ""
- Form item: "ipv6-support" = "yes"
- Form item: "client-ip" = "[clientphysicalip]"
- Form item: "client-ipv6"
- 5°) POST /ssl-vpn/getconfig.esp HTTP/1.1 (application/x-www-form-urlencoded)
- HTML Form URL Encoded: application/x-www-form-urlencoded
- Form item: "user" = "[username]"
- Form item: "addr1" = "[clientif1ip/mask]"
- Form item: "addr2" = "[clientif2ip/mask]"
- Form item: "addr-v6-1" = ""
- Form item: "addr-v6-2" = "2"
- Form item: "preferred-ip" = "[clientvpnip]"
- Form item: "preferred-ipv6" = ""
- Form item: "portal" = "[external_portal]"
- Form item: "authcookie" = "8d2dedfc4c56b4768f57c1baf20c56fa"
- Form item: "client-type" = "1"
- Form item: "os-version" = "Microsoft Windows 10 Enterprise 2016 LTSB , 64-bit"
- Form item: "app-version" = "4.0.8-4"
- Form item: "protocol-version" = "p1"
- Form item: "clientos" = "Windows"
- Form item: "ipv6-support" = "yes"
- Form item: "enc-algo" = "aes-256-gcm,aes-128-gcm,aes-128-cbc,"
- Form item: "hmac-algo"
- 6°) POST /ssl-vpn/hipreportcheck.esp HTTP/1.1 (application/x-www-form-urlencoded)
- HTML Form URL Encoded: application/x-www-form-urlencoded
- Form item: "user" = "[username]"
- Form item: "domain" = "[domain]"
- Form item: "portal" = "[external_portal]"
- Form item: "authcookie" = "8d2dedfc4c56b4768f57c1baf20c56fa"
- Form item: "client-ip" = "[clientvpnip]"
- Form item: "client-ipv6" = ""
- Form item: "computer" = "[computername]"
- Form item: "md5" = "2c7322dfe7b70c9ec3bd7812c20312c"
- Form item: "client-role" = "global-protect-full"
- Internal Connection (client POST + answers) :
- 1°) POST /global-protect/prelogin.esp?kerberos-support=yes&tmp=tmp&clientVer=4100&host-id=fc100246-1a04-4b7a-be02-e94d8285ac3d&clientos=Windows&os-version=Microsoft+Windows+10+Enterprise+2016+LTSB+%2c+64-bit&ipv6-support=yes
- RESPONSE :
- <?xml version="1.0" encoding="UTF-8" ?>
- <prelogin-response>
- <status>Success</status>
- <ccusername>[username]</ccusername>
- <autosubmit>true</autosubmit>
- <msg></msg>
- <newmsg></newmsg>
- <authentication-message></authentication-message>
- <username-label></username-label>
- <password-label></password-label>
- <panos-version>1</panos-version><region>[worldregion]</region>
- </prelogin-response>
- 2°) POST /global-protect/getconfig.esp HTTP/1.1 (application/x-www-form-urlencoded)
- HTML Form URL Encoded: application/x-www-form-urlencoded
- Form item: "user" = "[username]"
- Form item: "passwd" = ""
- Form item: "inputStr" = ""
- Form item: "ok" = "Login"
- Form item: "clientVer" = "4100"
- Form item: "portal-userauthcookie" = "empty"
- Form item: "portal-prelogonuserauthcookie" = "empty"
- Form item: "clientos" = "Windows"
- Form item: "clientgpversion" = "4.0.8-4"
- Form item: "computer" = "[computername]"
- Form item: "os-version" = "Microsoft Windows 10 Enterprise 2016 LTSB , 64-bit"
- Form item: "host-id" = "fc100246-1a04-4b7a-be02-e94d8285ac3d"
- Form item: "prelogin-cookie" = ""
- Form item: "ipv6-support"
- RESPONSE :
- here : https://pastebin.com/Q7cuD25D
- 3°) POST /ssl-vpn/prelogin.esp?kerberos-support=yes&tmp=tmp&clientVer=4100&host-id=fc100246-1a04-4b7a-be02-e94d8285ac3d&clientos=Windows&os-version=Microsoft+Windows+10+Enterprise+2016+LTSB+%2c+64-bit&ipv6-support=yes HTTP/1.1
- RESPONSE :
- <?xml version="1.0" encoding="UTF-8" ?>
- <prelogin-response>
- <status>Success</status>
- <ccusername>[username]</ccusername>
- <autosubmit>true</autosubmit>
- <msg></msg>
- <newmsg></newmsg>
- <license>no</license>
- <authentication-message></authentication-message>
- <username-label></username-label>
- <password-label></password-label>
- <panos-version>1</panos-version><region>192.168.0.0-192.168.255.255</region>
- </prelogin-response>
- 4°) POST /ssl-vpn/login.esp HTTP/1.1 (application/x-www-form-urlencoded)
- HTML Form URL Encoded: application/x-www-form-urlencoded
- Form item: "prot" = "https:"
- Form item: "server" = "[internal_gw_ip]"
- Form item: "inputStr" = ""
- Form item: "jnlpReady" = "jnlpReady"
- Form item: "user" = "[username]"
- Form item: "passwd" = ""
- Form item: "computer" = "[computername]"
- Form item: "ok" = "Login"
- Form item: "direct" = "yes"
- Form item: "clientVer" = "4100"
- Form item: "os-version" = "Microsoft Windows 10 Enterprise 2016 LTSB , 64-bit"
- Form item: "preferred-ip" = ""
- Form item: "preferred-ipv6" = ""
- Form item: "clientos" = "Windows"
- Form item: "clientgpversion" = "4.0.8-4"
- Form item: "portal-userauthcookie" = "empty"
- Form item: "portal-prelogonuserauthcookie" = "empty"
- Form item: "host-id" = "fc100246-1a04-4b7a-be02-e94d8285ac3d"
- Form item: "prelogin-cookie" = ""
- Form item: "ipv6-support" = "yes"
- Form item: "client-ip" = "[clientphysicalip]"
- Form item: "client-ipv6"
- RESPONSE :
- <?xml version="1.0" encoding="utf-8"?>
- <jnlp><application-desc><argument>(null)</argument><argument>5ee861971031ff3c20ff7bdf330c8ce9</argument><argument>2b1c4284c0856b6b9a2e06a04402d02fd99430d8</argument><argument>[internal_gw_name]</argument><argument>[username]</argument><argument>(empty_authprofile)</argument><argument>vsys1</argument><argument>[domain]</argument><argument>(null)</argument><argument></argument><argument></argument><argument></argument><argument>notunnel</argument><argument>-1</argument><argument>4100</argument><argument></argument><argument>empty</argument><argument>empty</argument><argument></argument><argument>4</argument><argument>unknown</argument><argument></argument></application-desc></jnlp>
- 5°) POST /ssl-vpn/hipreportcheck.esp HTTP/1.1 (application/x-www-form-urlencoded)
- HTML Form URL Encoded: application/x-www-form-urlencoded
- Form item: "user" = "[username]"
- Form item: "domain" = "[domain]"
- Form item: "portal" = "[internal_GW_name]"
- Form item: "authcookie" = "5ee861971031ff3c20ff7bdf330c8ce9"
- Form item: "client-ip" = "[clientphysicalip]"
- Form item: "client-ipv6" = ""
- Form item: "computer" = "[computername]"
- Form item: "md5" = "f1aa2438db2c93ef81e5942cca2a"
- Form item: "client-role" = "global-protect-full"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement