Burp Suite User Forum

spider authentication error

rahul | Last updated: Jun 28, 2017 02:14AM UTC

Hi, I am facing authentication errors when I try to Spider my application. I have enabled the proxy and I am already logged into the application. When I start the Spider, all the queued requests throw the following error:

<!DOCTYPE html><html><head><title>Apache Tomcat - Error report</title><style type="text/css">H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}.line {height: 1px; background-color: #525D76; border: none;}</style> </head><body><h1>HTTP Status 401 - Session hijack attempt from IP 'xx.xx.xx.xx' , User-Agent 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0' , X-Forwarded-For 'null'</h1><div class="line"></div><p><b>type</b> Status report</p><p><b>message</b> <u>Session hijack attempt from IP '136.157.149.4' , User-Agent 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0' , X-Forwarded-For 'null'</u></p><p><b>description</b> <u>This request requires HTTP authentication.</u></p><hr class="line"><h3>Apache Tomcat</h3></body></html>

PortSwigger Agent | Last updated: Jun 28, 2017 08:41AM UTC

To debug spider issues, it's helpful to install an extension like Flow or Logger++ that logs all requests. Is it just some pages on the site that cause this issue? You could add them to "Exclude from scope" to skip them. If it affects all pages, this site will be difficult to automatically spider. It may be easier to perform a manual spider. To make the automatic spider work you'd need to use session handling rules. There's some information here: https://support.portswigger.net/customer/en/portal/articles/2363088-configuring-burp-s-session-handling-rules Please let us know if you need any further assistance.

Burp User | Last updated: Jun 29, 2017 06:55PM UTC

Hi Paul, Thank you for your answer. Yes, I am getting the 401 code in all the requests. I have downloaded the logger extension from which I posted the error message. Thanks again for your reply. Rahul

PortSwigger Agent | Last updated: Jun 30, 2017 07:01AM UTC

Hi Rahul, The next step is to look through the logs and identify when this issue starts. You should see successful requests when you're browsing normally, then at some point the Spider starts failing. I wonder if you're hitting a logout page, then your session is invalid. Also, try reducing the number of threads to 1. This is in Spider > Options > Spider Engine. Please let us know if you need any further assistance.
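
The log review suggested in the reply above, as an added example that is not part of the original thread: it scans an exported request log for the point where successful responses turn into 401s and flags any logout-style URL requested just before. The CSV column names, the sample rows and the logout URL pattern are assumptions made for this sketch; map them to whatever your logging extension exports.

```python
import csv
import io
import re

# Constructed sample export (hypothetical columns and hosts, not real tool output).
SAMPLE_LOG = """\
id,tool,method,url,status
1,Proxy,GET,https://app.example.test/home,200
2,Proxy,GET,https://app.example.test/account,200
3,Spider,GET,https://app.example.test/reports,200
4,Spider,GET,https://app.example.test/logout,302
5,Spider,GET,https://app.example.test/reports/1,401
6,Spider,GET,https://app.example.test/reports/2,401
"""

# Assumed naming patterns for session-ending endpoints.
LOGOUT_HINT = re.compile(r"log[-_]?(out|off)|sign[-_]?out", re.I)
FAILURE_STATUSES = {401}


def find_failure_start(log_text, lookback=3):
    """Return the first failing request that follows a successful one,
    the requests just before it, and which of those look like a logout."""
    rows = list(csv.DictReader(io.StringIO(log_text)))
    seen_success = False
    for i, row in enumerate(rows):
        status = int(row["status"])
        if status not in FAILURE_STATUSES:
            seen_success = seen_success or status < 400
            continue
        if not seen_success:
            continue  # failing from the very first request: no transition yet
        preceding = rows[max(0, i - lookback):i]
        suspects = [r for r in preceding if LOGOUT_HINT.search(r["url"])]
        return {"first_failure": row, "preceding": preceding,
                "logout_suspects": suspects}
    return None  # no success-to-failure transition in this log


if __name__ == "__main__":
    result = find_failure_start(SAMPLE_LOG)
    if result:
        print("First failure:", result["first_failure"]["url"])
        for r in result["logout_suspects"]:
            print("Possible logout just before:", r["tool"], r["url"])
```

A URL flagged this way is a candidate for "Exclude from scope", as mentioned earlier in the thread.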
