I am trying to access an internal application and conduct a scan. The application uses NTLMv1. When I attempt to use Platform Authentication in burp, it doesn't work.
This morning I have gone so far as to clearing my cookie jar, all history in my browser and starting from the very beginning. Here is what I am doing:
1.) Open a new browser
2.) Open Burp Suite
3.) Attempt to access my application
4.) Fill in my login credentials and press enter
5.) Get redirected to a 401 page - Invalid Login Credentials
I have attempted to use my networks proxy for internet access as an outgoing proxy (I can access internal applications without it) with no success.
Thanks for your message. NTLM authentication can’t be proxied via Burp, and you need to configure Burp with the credentials so that it can use them. You can configure these at Options / Connections / Platform authentication.
i can crack basic but can not crack ntlm.
Thanks for your message.
Due to the nature of NTLM this can’t be done with Burp Intruder.
You could develop an extension to help you or use a specialized brute-forcing tool.