Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility
Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Show NTLM auth on requests

Maurizio Agazzini Jan 19, 2017 10:08AM UTC

Currently NTLM authentication used in burp in not shown in any request and cannot be tracked/checked in anyway.

A log should be usefull to check if there is problems.

Maurizio


Dafydd Stuttard Jan 20, 2017 04:02PM UTC Support Center agent

NTLM involves a three-way handshake over a single TCP connection, so for each request that Burp needs to make, it is actually issued twice, each with a different authentication header. Unlike with Basic authentication, there isn’t a single request that Burp could show that includes the authentication header.

However, in principle we could provide some additional logging or diagnostics of the NTLM handshake. If enough users request this feature, we’ll consider adding it.


Maurizio Agazzini Mar 30, 2017 04:47PM UTC
I know that the auth is different from the basic one, but in the current configuration you cannot identify what's wrong in the NTLM auth. Also enabling burp logging the request are not saved on the log and a debugging of the auth is not possible.

Currenly I got an application running on NTLMv2 that cannot get correctly the burp authentication (under firefox browser work well).

Maurizio

Maurizio Agazzini Apr 30, 2017 03:49PM UTC
I think that I found what is the problem.

Currently BURP doesn't use signature feature on NTLMv2 authentication, so if the server check the signature the request will be not valid.

The only way that I found to get it working is use fiddler to do the authentication.

Maurizio

Post Your public answer

Your name
Your email address
Answer