Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Issues with Intruder and a client certificate

Bill | Last updated: Feb 25, 2020 09:29PM UTC

I have Burp Pro 2.20.2beta. I have an API to test that uses a client certificate for authentication. The problem is when I run Intruder. Intruder will send the first test case and get a response. However, all subsequent request/responses time out and do not have a response. Is this related to the client certificate? How do I resolve this, or is it a bug?

Uthman, PortSwigger Agent | Last updated: Feb 26, 2020 01:35PM UTC

Can you clarify which version of Burp you are talking about? We do not have a 2.20.2beta.

Bill | Last updated: Feb 26, 2020 03:39PM UTC

v2.0.20beta Build 306

Uthman, PortSwigger Agent | Last updated: Feb 26, 2020 03:47PM UTC

Can you try this on the latest version? You can specify a client TLS certificate under User options > TLS.

Bill | Last updated: Feb 26, 2020 04:44PM UTC

I'll try with the latest.

Bill | Last updated: Feb 26, 2020 07:30PM UTC

Now on V2020.1, the issue persists.

Bill | Last updated: Feb 26, 2020 07:32PM UTC

I have the client certificate configured correctly and can make requests to the API. I can even make rapid requests using Repeater. But Intruder doesn't get any responses after the first request/response.

Uthman, PortSwigger Agent | Last updated: Feb 27, 2020 09:09AM UTC

Thank you for testing. Can you please email us with diagnostics (Help > Diagnostics) and some screenshots? support@portswigger.net

Bill | Last updated: Feb 28, 2020 08:41PM UTC

I sent a screenshot, but I don't think I can send the diagnostic. Can you still help?

Uthman, PortSwigger Agent | Last updated: Mar 02, 2020 10:32AM UTC