Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Toggle on multiple accounts (username) on a single destination host in platform authentication

M | Last updated: May 28, 2024 03:36AM UTC

Hi! I think it would be a good feature if we can toggle on the list of users when doing a platform authentication. Currently, my method is very manual. 1) Enable Do platform authentication 2) Add destination host: example.com1, auth type: NTLMv2, username: user1 3) Add destination host: example.com2, auth type: NTLMv2, username: user2 ... As you may have noticed the destination host is example.com and to test/check the difference of the two accounts, i need to switch between the two by removing "1" or "2". The current issue in burp's platform authentication is that it overwrites the other user if they have the same value on "destination host". I need multiple accounts for testing that uses NTLM auth. In ZAP, they have this feature (but its very buggy for NTLM auths) where they can add multiple users when you create a context, and just switch between multiple users under "forced user". If you have a better workaround in burp, please do share. TIA.

Ben, PortSwigger Agent | Last updated: May 28, 2024 07:48AM UTC

Hi, The latest 'early adopter' release (version 2024.5) now has the functionality available to supply multiple platform authentication credentials for each destination host. You can find out more details on this feature on our release page below: https://portswigger.net/burp/releases/professional-community-2024-5?requestededition=professional

M | Last updated: May 29, 2024 12:54AM UTC