Burp Suite User Forum

Create new post

Anti-CSRF Token Update/Burp Macro

Ryan | Last updated: Jul 21, 2017 04:45PM UTC

Hello, I have been testing out the macro functionality of Burp in order to update anti-CSRF tokens on requests. I'm having issues because when I record and test the macro, everything works fine and as intended but after I configure the session handling rules, the token never updates. I primarily am testing this using Intruder because the scanner is a little more difficult to identify definitively whether the token is updated or not. Any help would be appreciated. I read other threads on this issue and the responses didn't provide any resolution to the issue. Thanks, Ryan

Burp User | Last updated: Jul 21, 2017 04:50PM UTC

Disregard, problem solved! I selected the wrong option initially which was 'Run a macro', under the 'Rule Actions' section. The option directly below it 'Run a post-request macro', did the trick! Thanks, Ryan

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.