Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Generate cookie/session per request - Intruder

Bryan Mar 02, 2017 03:15PM UTC

Hi, guys.
I'd like to know how to configure intruder to generate a new cookie and session per request.
I'm facing a problem when I try to make a request because my target session expires very quickly and I can't make multiple requests on the same session using the same cookie.
Thanks in advance.


Liam Tai-Hogan Mar 03, 2017 11:34AM UTC Support Center agent

Hi Bryan

Thanks for your message.

Have you tired using Burp’s session handling rules?

- https://support.portswigger.net/customer/en/portal/articles/2363088-configuring-burp-s-session-handling-rules

The simplest way would be to create a macro that establishes a fresh session, make a session rule to run that macro before each relevant Intruder requests, and use a single attack thread.

Alternatively, a more complex approach would be to make a rule to test for session validity and recover if needed.

Please let us know if you need any further assistance.


Post Your public answer

Your name
Your email address
Answer