Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Scanning a site with basic authorization (Burp suite enterprise Rest API)

Andrii | Last updated: May 30, 2019 07:53AM UTC

Hello. I want to scan sites where basic authorization is installed. What tokens can I use in building a curl request for basic authorization? curl -vgw "\n" -X POST 'http://burp.link.to.rest.api/v0.1/scan' -d '{ (???basic auth???) "scan_configurations":[{"name":"Audit checks - all except Java ....... Thank You! Regards.

Liam, PortSwigger Agent | Last updated: May 30, 2019 03:36PM UTC

Have you tried setting and saving Burp's platform authentication settings to a User options configuration file: - https://support.portswigger.net/customer/portal/articles/2927576-configuring-ntlm-with-burp-suite Then loading the config file when you start Burp: - https://support.portswigger.net/customer/portal/articles/2928360-using-burp-s-command-line-arguments

Burp User | Last updated: May 30, 2019 03:47PM UTC

Ok.. And how to do it in the curl request on command line? I use Rest API (Burp Enterprise) from web interface. Than You! Kind regards.

Liam, PortSwigger Agent | Last updated: May 31, 2019 11:03AM UTC

You need to export the working custom configuration then add it to your command using the toolkit. We've sent a screenshot to your email.

Burp User | Last updated: Jun 03, 2019 02:44PM UTC

This method work in RestAPI from port 1337 (created task in Burp Professional (program)) but not working in Rest API (web-version). I have error 401 error in web-serwer logs.

PortSwigger Agent | Last updated: Jun 03, 2019 02:55PM UTC