Burp Suite User Forum

Create new post

Logout after correct password

ottavia | Last updated: Sep 02, 2018 08:52AM UTC

- burp intruder - i would like to know if it's possible to make an account logout every time the intruder find a correct password. I have an account and password list, and every time one of the account password is correct looks like that stop checking the others because the account is already logged in. thanks

PortSwigger Agent | Last updated: Sep 03, 2018 08:27AM UTC

You could do this using a post-request macro. If you're not familiar with macros and session handling rules, there's an introduction here: - https://support.portswigger.net/customer/en/portal/articles/2363088-configuring-burp-s-session-handling-rules If your case, first record a macro that does logout. Then create a session handling rule, scoped to the login URL, with the action "Run a post-request macro". This will cause a logout after each login attempt, which is a little inefficient, but probably suitable for your needs.

Burp User | Last updated: Sep 03, 2018 09:32AM UTC

thanks you! it worked !

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.