The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

NTLM Platform Auth Problem

Mark | Last updated: Feb 24, 2017 04:01PM UTC

I'm trying to proxy an internal NTLMv1 site using 1.7.13, and I have the appropriate host entries in User Options/Platform Auth, but I'm getting denied by the remote host. I can connect directly using the browser and creds with browser proxy = none. Depending on the setting experiment I'm trying, I get either Auth failure or No NTLM challenge received. I the former case, the browser pops an NTLM auth prompt, and I know Burp cannot /proxy/ NTLM. Any suggestions?

PortSwigger Agent | Last updated: Feb 24, 2017 04:15PM UTC

Are you certain that the site is using NTLMv1, rather than v2 or Kerberos? Try selecting NTLMv2 with your credentials, and try out the Kerberos extension in the BApp Store.

Burp User | Last updated: Jul 18, 2018 12:20PM UTC

Hi, I'm facing error related to this NTLM Platform Auth but in a different way. When i select Do platform authentication, Scanner running fine. But, Application responding with 302 error. If i remove Do platform authentication, application responding well were scanner resulting authentication error under alerts tab. Is there any workaround/suggestions?

PortSwigger Agent | Last updated: Jul 18, 2018 12:29PM UTC