Burp Suite User Forum

Login to post

Basic Auth: 1 Position, but should be two?

theftaut0 | Last updated: Sep 13, 2019 09:12PM UTC

I am following some guides and it says for basic auth to select the hash and then use a colon as thew position seperator/select Base64 etc. I am confused as there should be two positions? For the username list and password list it is one thing I select and they want me to enter two positions? Its https and I have the CA etc. GET /cgi-bin/webif/system-info.sh HTTP/1.1 Host: 192.168.100.10:55555 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Cookie: style=null Authorization: Basic §YWRtaW46Rm9ydGlzYm95byE=§ Connection: §close§ Upgrade-Insecure-Requests: §1§ For Basic §YWRtaW46Rm9ydGlzYm95byE=§ I want to use admin/passwordlist, but isn't that just one position? The position two and three, would be open and 0? I just entered them for fun, but should that be done as well? Any guidance should help. Many thanks!

Mike, PortSwigger Agent | Last updated: Sep 16, 2019 09:37AM UTC

Hi, can you clarify that your question is regarding the Intruder component within Burp Suite? If so, have you seen our guide on using Burp Intruder? https://portswigger.net/burp/documentation/desktop/tools/intruder/using

You need to Log in to post a reply. Or register here, for free.