Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

NTLM authentication brute force

Axelia | Last updated: Mar 22, 2023 04:28PM UTC

I want to conduct a brute force attack on a NTLM app authentication login form. For some reason I a not intercepting the login requests. How do I intercept the login requests? I have noticed that when people ask similar questions, they are being redirect to this post, https://portswigger.net/support/configuring-ntlm-with-burp-suite. This is not what I want.

Michelle, PortSwigger Agent | Last updated: Mar 23, 2023 03:54PM UTC

Hi The credentials used for NTLM authentication are configured under Settings -> Network -> Connections -> Platform authentication. The messages containing these credentials are not intercepted by Burp Proxy. If you wanted to change the credentials sent with each request, you could potentially look at creating an extension to update these settings before each request to the website is sent.

Axelia | Last updated: Mar 24, 2023 03:55PM UTC

What do you mean creating an extension? Why Burp doesnt intercept these messages?

Michelle, PortSwigger Agent | Last updated: Mar 27, 2023 08:27AM UTC