Burp Suite User Forum


Discover content requests with cookies

Mark | Last updated: Feb 04, 2015 10:53AM UTC

Hello, is it possible to "Discover Content" using valid cookies to test for authenticated pages? I've run several sessions after using the "Discover Content" context menu from a request with a valid cookie; however, the cookies do not seem to be used in the brute forcing. Thanks, Mark

Burp User | Last updated: Feb 04, 2015 11:12AM UTC

Hello again, it would seem posting made me find part of the answer.... By using Options > Sessions I've been able to manually force a specific cookie; could this be picked up from the request when using a context menu? The next problem is that the session instantly found the logout function and invalidated the session. Would it be possible for "Discover Content" to inherit the Target > Scope settings to exclude certain files, e.g. logout? Thanks, Mark

PortSwigger Agent | Last updated: Feb 05, 2015 12:29PM UTC

The content discovery feature is scope based on a start URL, and includes everything below that (rather than being based on target scope, like the Spider). One workaround would be to use the option at Options / Connections / Out of scope requests to drop requests that are made (anywhere within Burp) to a specific logout URL (or other suitable scope).

Liam, PortSwigger Agent | Last updated: Feb 18, 2016 05:17PM UTC

Have you tried using the option Project Options > Sessions > Session Handling rules > Edit > Scope > Target?

Burp User | Last updated: Jul 18, 2017 06:48AM UTC

Hi Mark, I could not understand the solution you found. If I understood correctly, you tried to create a new rule from Project Options -> Sessions -> Session Handling rules -> add rule action -> use cookie from cookie jar, Scope -> tool; however, I could not find the Content Discovery tool listed in scope. Am I missing something?

Nikolaus | Last updated: Jan 07, 2021 04:36AM UTC

In case someone else needs this at a later point in time and finds this via a search engine, just as I did just now: to make this work you have to include "Target" in the scope of the session handling rule. You could just edit the default, include it in the scope and move on with content discovery.
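The reason "Target" is the tool that matters is that content discovery requests are issued on behalf of the Target tool, not a separately listed "Content Discovery" tool. The extension below is an added example written for this thread, not code from PortSwigger or the Burp project; it assumes the legacy Burp Extender API (the `burp` package interfaces `IBurpExtender`, `IHttpListener` and `ISessionHandlingAction`) and uses placeholder cookie values. It does two things: it logs the tool name for every outgoing request (so you can watch a content discovery run and see `Target` in the output), and it registers a session handling action that injects a session cookie, which you attach to a rule just like the built-in "use cookies from cookie jar" action, again with "Target" in the rule's tool scope.

```java
package burp;

import java.io.PrintWriter;
import java.net.URL;
import java.util.List;

// Added example for this thread (not PortSwigger's code). Assumes the legacy
// Burp Extender API; cookie name/value below are placeholders to replace.
public class BurpExtender implements IBurpExtender, IHttpListener, ISessionHandlingAction {

    private static final String COOKIE_NAME  = "session";      // assumption: your app's cookie
    private static final String COOKIE_VALUE = "REPLACE_ME";   // placeholder, never commit real tokens
    private static final String LOGOUT_PATH  = "/logout";      // assumption: path that invalidates the session

    private IBurpExtenderCallbacks callbacks;
    private IExtensionHelpers helpers;
    private PrintWriter stdout;

    @Override
    public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) {
        this.callbacks = callbacks;
        this.helpers = callbacks.getHelpers();
        this.stdout = new PrintWriter(callbacks.getStdout(), true);
        callbacks.setExtensionName("Tool logger + forced session cookie");
        // See which tool each request belongs to (content discovery shows up as "Target").
        callbacks.registerHttpListener(this);
        // Expose an action that a session handling rule can invoke.
        callbacks.registerSessionHandlingAction(this);
    }

    // IHttpListener: fires for every request/response passing through Burp.
    @Override
    public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo) {
        if (!messageIsRequest) {
            return;
        }
        IRequestInfo info = helpers.analyzeRequest(messageInfo);
        URL url = info.getUrl();
        boolean hasCookie = hasSessionCookie(info.getParameters());
        // Example output line: "Target GET /admin/ cookie=false"
        stdout.println(callbacks.getToolName(toolFlag) + " " + info.getMethod() + " "
                + url.getPath() + " cookie=" + hasCookie);
        if (toolFlag == IBurpExtenderCallbacks.TOOL_TARGET && LOGOUT_PATH.equals(url.getPath())) {
            // Listeners cannot drop requests; this only warns so you can add the logout URL
            // under Options > Connections > Out of scope requests as the thread suggests.
            stdout.println("WARNING: Target tool is about to request " + LOGOUT_PATH
                    + " (will invalidate the session)");
        }
    }

    private boolean hasSessionCookie(List<IParameter> params) {
        for (IParameter p : params) {
            if (p.getType() == IParameter.PARAM_COOKIE && COOKIE_NAME.equals(p.getName())) {
                return true;
            }
        }
        return false;
    }

    // ISessionHandlingAction: name shown in the rule editor's action list.
    @Override
    public String getActionName() {
        return "Force " + COOKIE_NAME + " cookie";
    }

    // ISessionHandlingAction: runs for each request in the rule's scope and rewrites it
    // so the cookie is present (replacing any existing value, adding it if absent).
    @Override
    public void performAction(IHttpRequestResponse currentRequest, IHttpRequestResponse[] macroItems) {
        byte[] request = currentRequest.getRequest();
        IParameter cookie = helpers.buildParameter(COOKIE_NAME, COOKIE_VALUE, IParameter.PARAM_COOKIE);
        IRequestInfo info = helpers.analyzeRequest(request);
        byte[] updated = hasSessionCookie(info.getParameters())
                ? helpers.updateParameter(request, cookie)
                : helpers.addParameter(request, cookie);
        currentRequest.setRequest(updated);
    }
}
```

Load the compiled JAR under Extender > Extensions, then create a session handling rule whose action is the extension's "Force session cookie" entry and whose scope includes the Target tool. Running "Discover Content" afterwards prints one line per request in the extension's output tab; `cookie=true` on `Target` lines confirms the rule is being applied, and the warning line tells you when the run reached the logout URL.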
