Burp Suite User Forum

Login to post

getting warning pop of like recording will not work in burp as the application uses the platform authentication.

Mahesh | Last updated: Jul 18, 2023 12:38PM UTC

I'm getting the warning message while doing the recorded login sequence of a web appliaction having 2 factor authentication. Warding Message: recording will not work in burp as the application uses the platform authentication. help how to fix this issue.

Dominyque, PortSwigger Agent | Last updated: Jul 18, 2023 02:06PM UTC

Hi Due to how difficult it would be for the scanner to handle 2FA as it won't be able to replay with a code received via SMS/email (for example). Therefore, our recorded login sequence will not work for that use case. You can either disable the 2FA while scanning the application or try to configure a second step (e.g., a security question) that can easily be replayed by the scanner using a recorded login sequence. Please refer to this documentation: https://portswigger.net/burp/documentation/scanner/authenticated-scanning/recorded-login-sequences#:~:text=A%20recorded%20login%20sequence%20is,entered%20in%20the%20same%20form.

You need to Log in to post a reply. Or register here, for free.