Session dies while scanning
Guys, I have this very general problem. I did a search across the google, but did not find a proper solution.
This is what I have done:
I have created a session validation under Projects->Sessions
Under that, I have a macro, which checks if the session is invalidated, if yes, it would re-execute the requests, which will create a new session
So far good.
Now, when I do a scan from the target scope, I see that this micro kicks in when my session has expired and it creates a new session.
But, the problem:
The scanner, continues to use old captured sessions and fails miserably ...
How, can I pass the new session created from the macro to the subsequent requests which are in queue and fired by scanner ?
Also, if I had to create a new extension for this and lets say, I use processHttpMessage and I have registered the callbacks for HttpListener, but I am still confused how can I take the latest response/request which was generated by macro during session validation, which happens to have the latest session created and then pass this to all the subsequent requests that will be fired by scanner
Please assist on this, struggling a lot around this area...
Thanks for your message.
Please could you tell me which version of Burp are you using?