Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Issues with Intruder and a client certificate

Bill | Last updated: Feb 25, 2020 09:29PM UTC

I have Burp Pro 2.20.2beta. I have an API to test that uses a client certificate for authentication. The problem is when I run Intruder. Intruder will send the first test case and get a response. However, all subsequent request/responses time out and do not have a response. Is this related to the client certificate? How do I resolve this, or is it a bug?

Uthman, PortSwigger Agent | Last updated: Feb 26, 2020 01:35PM UTC

Can you clarify which version of Burp you are talking about? We do not have a 2.20.2beta.

Bill | Last updated: Feb 26, 2020 03:39PM UTC

v2.0.20beta Build 306

Uthman, PortSwigger Agent | Last updated: Feb 26, 2020 03:47PM UTC

Can you try this on the latest version? You can specify a client TLS certificate under User options > TLS.

Bill | Last updated: Feb 26, 2020 04:44PM UTC

I'll try with the latest.

Bill | Last updated: Feb 26, 2020 07:30PM UTC

Now on V2020.1, the issue persists.

Bill | Last updated: Feb 26, 2020 07:32PM UTC

I have the client certificate configured correctly and can make requests to the API. I can even make rapid requests using Repeater. But Intruder doesn't get any responses after the first request/response.

Uthman, PortSwigger Agent | Last updated: Feb 27, 2020 09:09AM UTC

Thank you for testing. Can you please email us with diagnostics (Help > Diagnostics) and some screenshots? support@portswigger.net

Bill | Last updated: Feb 28, 2020 08:41PM UTC

I sent a screenshot, but I don't think I can send the diagnostic. Can you still help?

Uthman, PortSwigger Agent | Last updated: Mar 02, 2020 10:32AM UTC

I have not received a screenshot. Can you send it again, please?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.