Using Burp with Integrated Windows Auth
I can't seem to get Burp to authenticate a target app that uses IWA (where you get no login prompt if already authenticated in AD). I've tried configuring both NTLMv1&2 in Platform Authentication, and tried the Kerberos Bapp plugin. If go direct to the app with a browser, it comes up fine, but when I insert Burp in the middle I keep getting auth challenges from the app and can never login. The NTLM negotiation WW-Authenticate header stuff all looks OK. but the web server keeps returning 401s. (IIS, http:// site)
Mark, could you send us your platform auth configuration settings? You can send any relevant information to firstname.lastname@example.org.
Additionally, have you checked out this support page?
Thanks for the update Mark.