Burp Suite User Forum


Using Burp with Integrated Windows Auth

Huss, | Last updated: Nov 07, 2018 07:56PM UTC

I can't seem to get Burp to authenticate a target app that uses IWA (where you get no login prompt if already authenticated in AD). I've tried configuring both NTLMv1&2 in Platform Authentication, and tried the Kerberos BApp plugin. If I go direct to the app with a browser, it comes up fine, but when I insert Burp in the middle I keep getting auth challenges from the app and can never log in. The NTLM negotiation WWW-Authenticate header stuff all looks OK, but the web server keeps returning 401s. (IIS, http:// site)

Liam, PortSwigger Agent | Last updated: Nov 08, 2018 11:40AM UTC

Mark, could you send us your platform auth configuration settings? You can send any relevant information to support@portswigger.net. Additionally, have you checked out this support page? - https://support.portswigger.net/customer/portal/articles/2927576-configuring-ntlm-with-burp-suite

Burp User | Last updated: Nov 08, 2018 02:18PM UTC

I figured out the problem: For some odd reason, in this instance, a request to the host name by itself responds differently than a request to the FQDN, and when I changed the Platform Auth setting to hostname only, it started working.

Liam, PortSwigger Agent | Last updated: Nov 08, 2018 02:21PM UTC

Thanks for the update, Mark.
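
For checking the WWW-Authenticate exchange discussed in this thread, the following is an added example (not code from the thread's participants or from PortSwigger) that decodes the server's NTLM challenge so the domain and host names it advertises can be compared with the Platform Authentication entry. The sample challenge is constructed, and the names `CORP`, `WEB01` and `web01.corp.example` are hypothetical.

```python
import base64
import struct

# TargetInfo AV_PAIR ids defined in MS-NLMP; the labels are this example's own
AV_NAMES = {1: "nb_computer", 2: "nb_domain", 3: "dns_computer", 4: "dns_domain"}

def parse_ntlm_challenge(header_value):
    """Decode the 'NTLM <base64>' value of a 401's WWW-Authenticate header."""
    scheme, _, blob = header_value.strip().partition(" ")
    if scheme.upper() != "NTLM" or not blob.strip():
        raise ValueError("no challenge blob (a bare 'NTLM' is only the server's offer)")
    msg = base64.b64decode(blob.strip())
    if len(msg) < 48 or msg[:8] != b"NTLMSSP\x00":
        raise ValueError("not an NTLMSSP message")
    if struct.unpack_from("<I", msg, 8)[0] != 2:
        raise ValueError("not a Type 2 (challenge) message")
    tn_len, _, tn_off = struct.unpack_from("<HHI", msg, 12)   # TargetName fields
    flags = struct.unpack_from("<I", msg, 20)[0]              # NegotiateFlags
    ti_len, _, ti_off = struct.unpack_from("<HHI", msg, 40)   # TargetInfo fields
    # TargetName is UTF-16LE when NEGOTIATE_UNICODE (0x1) is set; cp437 for OEM is assumed
    enc = "utf-16-le" if flags & 0x1 else "cp437"
    info = {"target": msg[tn_off:tn_off + tn_len].decode(enc, "replace")}
    pos, end = ti_off, min(ti_off + ti_len, len(msg))
    while pos + 4 <= end:                                     # walk the AV_PAIR list
        av_id, av_len = struct.unpack_from("<HH", msg, pos)
        if av_id == 0:                                        # MsvAvEOL terminates it
            break
        if av_id in AV_NAMES:                                 # AV_PAIR strings are UTF-16LE
            value = msg[pos + 4:pos + 4 + av_len]
            info[AV_NAMES[av_id]] = value.decode("utf-16-le", "replace")
        pos += 4 + av_len
    return info

def build_sample_challenge(nb_domain, nb_computer, dns_computer):
    """Constructed Type 2 message for the demo below; not captured traffic."""
    def u(s):
        return s.encode("utf-16-le")
    pairs = b"".join(struct.pack("<HH", i, len(u(v))) + u(v)
                     for i, v in ((2, nb_domain), (1, nb_computer), (3, dns_computer)))
    pairs += struct.pack("<HH", 0, 0)
    target = u(nb_domain)
    head = struct.pack("<8sIHHII8s8sHHI", b"NTLMSSP\x00", 2, len(target), len(target),
                       48, 0x00810205, b"\x11" * 8, b"\x00" * 8,
                       len(pairs), len(pairs), 48 + len(target))
    return "NTLM " + base64.b64encode(head + target + pairs).decode()

if __name__ == "__main__":
    hdr = build_sample_challenge("CORP", "WEB01", "web01.corp.example")
    print(parse_ntlm_challenge(hdr))
```

Running it against the challenge returned for the bare host name and again for the FQDN shows whether the two requests reach a server that advertises the same domain and computer names.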
