Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Intruder only works after repeater...sort of

John | Last updated: Dec 01, 2020 06:32PM UTC

Hi all, I'm 2 weeks into pen testing and burp so please forgive me if this sounds really simple. For some reason, the Intruder only works after I've run an instance in the Repeater. Steps I'm following are: 1. Launch browser (internal one) 2. Navigate to login 3. Enter valid user, dodgy password 4. Take that post and move it to the Repeater. 5. In the repeater, I change the password to the valid one and run - it works OK. 6. I then move it into the repeater. Different scenarios: 1. Run the Repeater, leave for 30 seconds, valid password in list fails. 2. Run the Repeater, run straight away, (valid password at top of list, valid password 100 rows down). First attempt works, second one doesnt. 3. All rows with valid password, they all work and don't need to run through the repeater. 4. Valid password on row number 100. They all fail. But eyeballing it, if I run the repeater at when it hits at around 75 it works as the session or whatever I assume is still valid. Something timing out and I'm not sure why. I'm not sure full stop. Any help would be greatly appreciated.

John | Last updated: Dec 01, 2020 07:31PM UTC

a

John | Last updated: Dec 01, 2020 07:31PM UTC

Here is a copy of my request. uses csrf. thanks! I'll post a copy of the request in case that helps :) POST /login?redirect_uri=https%3A%2F%2Fapp.qa.xxxxx.co.uk%2Flogin.html&response_type=code&client_id=2u0e4jnt0913gfbfbed7h9jr5c&state=&scope=openid%20email%20profile HTTP/1.1 Host: um-auth-qa.auth.eu-west-1.amazoncognito.com Connection: close Content-Length: 1042 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 Origin: https://um-auth-qa.auth.eu-west-1.amazoncognito.com Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.66 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://um-auth-qa.auth.eu-west-1.amazoncognito.com/login?redirect_uri=https%3A%2F%2Fapp.qa.ssssss.co.uk%2Flogin.html&response_type=code&client_id=2u0e4jnt0913gfbfbed7h9jr5c&state=&scope=openid%20email%20profile Accept-Encoding: gzip, deflate Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: XSRF-TOKEN=3a3a60b6-ae1f-4951-a6b3-9152dde95d58; csrf-state=""; csrf-state-legacy="" _csrf=3a3a60b6-ae1f-4951-a6b3-9152dde95d58&username=john.sidney%40ddddddddd&password=jfjfjfjfjf&cognitoAsfData=eyJwYXlsb2FkIjoie1wiY29udGV4dERhdGFcIjp7XCJVc2VyQWdlbnRcIjpcIk1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84Ny4wLjQyODAuNjYgU2FmYXJpLzUzNy4zNlwiLFwiRGV2aWNlSWRcIjpcIjByZHcza2ZoOXExd3M2YXoyMWYyOjE2MDY4NDUyMjY4MjVcIixcIkRldmljZUxhbmd1YWdlXCI6XCJlbi1HQlwiLFwiRGV2aWNlRmluZ2VycHJpbnRcIjpcIk1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84Ny4wLjQyODAuNjYgU2FmYXJpLzUzNy4zNkNocm9taXVtIFBERiBQbHVnaW46Q2hyb21pdW0gUERGIFZpZXdlcjpOYXRpdmUgQ2xpZW50OmVuLUdCXCIsXCJEZXZpY2VQbGF0Zm9ybVwiOlwiV2luMzJcIixcIkNsaWVudFRpbWV6b25lXCI6XCIwMDowMFwifSxcInVzZXJuYW1lXCI6XCJqb2huLnNpZG5leUBpbmZ1c2UuaXRcIixcInVzZXJQb29sSWRcIjpcIlwiLFwidGltZXN0YW1wXCI6XCIxNjA2ODQ1MjI2ODI2XCJ9Iiwic2lnbmF0dXJlIjoic3FXZENsTEJsYWdXNHhTY1N5dE0vM2ZOZ2NuaUtrMWVLT0JXUk5tKzR0RT0iLCJ2ZXJzaW9uIjoiSlMyMDE3MTExNSJ9&signInSubmitButton=Sign+in

Liam, PortSwigger Agent | Last updated: Dec 02, 2020 09:21AM UTC