I have completed all of the other starting point walkthroughs but am stuck on this last one. There is something I must be doing wrong with how BurpSuite is configured. BurpSuite seems to detect that a request is happening but it is unable to capture it.
“The client failed to negotiate a TLS connection to {target_ip}:8443: Received fatal alert: bad_certificate”
Ok I think I finally figured that problem out. Needed to install the Burp Suite CA to FireFox
However, when attempting to enter in test user:password I am still not seeing anything captured related to a “rememberme” field. Assumed that it might require that I check the Remember Me checkbox but still not seeing that its capturing any requests that include a user name and password field. Its now capturing other requests to fetch pages but not seeing any login requests being captured.
Ok so it looks like Burp Suite only captures POST requests when you have Intercept On enabled. That seems to be what I was missing. Need to set Intercept ON before issuing post requests. Or maybe there is an option in Burp suite to always capture both…
HTTP History tab in Burp Suite is what seems like I was missing here.
There is still something here I am not understanding about how Burp Suite is capturing requests, or not. It feels like its somewhat “random” but I am sure its not. I have been able to successfully capture the post requests in some cases, then later doing the same thing its not detecting any traffic from the target site. (after capturing and issuing the reverse shell it wasnt working quite right so continued the next day by starting over)
Open to any advice on what might be going wrong or causing the inconsistency. Having a really hard time getting through the proxy sniffing aspect of this machine but have done it successfully on many others now.
did you fix this issue? I have been having the exact same problem and cannot fix it. burp works with every other box and I have never had this happen before. I don’t understand what you mean by:
“Ok so it looks like Burp Suite only captures POST requests when you have Intercept On enabled”…
I understand that burp shouldn’t intercept anything if ‘intercept on’ is not on…but is this an additional setting or in proxy settings? Any help would be really appreciated.
Also, the login page for unified wont even show up in my http history.