The extension helps you find authorization bugs. Navigate through the web application as a high-privileged user and let Auth Analyzer repeat each of your requests for every non-privileged user you have defined. CSRF tokens belonging to the non-privileged users are extracted and substituted automatically, and each repeated response is analyzed for its bypass status.
How does it work?
- Create a "New Session" for each user role you want to test (e.g. admin, normal_user, unauthenticated, ...)
- Paste the session characteristic (e.g. session cookie, Authorization header, ...) for each role into the text area "Header(s) to replace". Use the whole header line (e.g. Cookie: session=123456;). Header(s) can be selected and sent to Auth Analyzer from anywhere in Burp via the standard context menu (select the text and right-click).
- Optional: Define a CSRF token name for each role, in one of three modes:
  - Dynamic value: the CSRF token value is grepped automatically whenever it appears in an HTML input tag or a JSON object of a response received for that role
  - Static value: a fixed value you define
  - Remove CSRF token: the token is stripped from the repeated request (to test the CSRF check mechanism or for other purposes)
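The steps above describe a replay loop: copy the privileged user's request, swap in the non-privileged session's headers, substitute that session's CSRF token (grepped dynamically, set statically, or removed), send it, and compare the answer with the original. The following is an added example written for this page, not Auth Analyzer's own code, that carries the whole loop out in plain Python so each step is visible. Every request, response, session value and the "server" are constructed for illustration (the target deliberately omits a role check so that a bypass shows up), and the bypass classification is a simplified heuristic of my own; the extension's exact rules are not described on this page.

```python
"""Added example (not Auth Analyzer's code): the replay loop the page describes.
All HTTP messages, sessions and the target below are constructed; nothing touches the network."""
import json
import re
from dataclasses import dataclass, field
from urllib.parse import parse_qsl, urlencode

CSRF_DYNAMIC, CSRF_STATIC, CSRF_REMOVE = "dynamic", "static", "remove"


@dataclass
class HttpMessage:
    start_line: str                      # request line or status line
    headers: dict = field(default_factory=dict)
    body: str = ""

    @classmethod
    def parse(cls, raw):
        head, _, body = raw.partition("\r\n\r\n")
        lines = head.split("\r\n")
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(":")
            headers[name.strip()] = value.strip()
        return cls(lines[0], headers, body)

    def status_code(self):
        return int(self.start_line.split()[1])


@dataclass
class Session:
    """One 'New Session' in the extension's terms: a role plus its session characteristic."""
    name: str
    headers_to_replace: list             # whole header lines, e.g. "Cookie: session=123456;"
    csrf_name: str = None
    csrf_mode: str = CSRF_DYNAMIC
    csrf_static_value: str = None
    csrf_value: str = None               # last token grepped from this session's responses


def extract_csrf_token(body, token_name):
    """Grep the token from an HTML <input name=...> tag or a (nested) JSON object; None if absent."""
    for tag in re.findall(r"<input\b[^>]*>", body, flags=re.IGNORECASE):
        if re.search(r'\bname=["\']%s["\']' % re.escape(token_name), tag):
            m = re.search(r'\bvalue=["\']([^"\']*)["\']', tag)
            if m:
                return m.group(1)
    try:
        stack = [json.loads(body)]
    except ValueError:
        return None
    while stack:                         # depth-first walk over nested objects/arrays
        node = stack.pop()
        if isinstance(node, dict):
            if isinstance(node.get(token_name), str):
                return node[token_name]
            stack.extend(node.values())
        elif isinstance(node, list):
            stack.extend(node)
    return None


def build_repeated_request(original, session):
    """Copy the privileged request, swap in the session's headers and its CSRF token."""
    req = HttpMessage(original.start_line, dict(original.headers), original.body)
    for line in session.headers_to_replace:
        name, _, value = line.partition(":")
        req.headers[name.strip()] = value.strip()
    if session.csrf_name:
        new_value = {CSRF_REMOVE: None, CSRF_STATIC: session.csrf_static_value,
                     CSRF_DYNAMIC: session.csrf_value}[session.csrf_mode]
        params = [(k, v) for k, v in parse_qsl(req.body, keep_blank_values=True)
                  if k != session.csrf_name]
        if new_value is not None:
            params.append((session.csrf_name, new_value))
        req.body = urlencode(params)
        if session.csrf_name in req.headers:     # the token may also travel in a header
            if new_value is None:
                del req.headers[session.csrf_name]
            else:
                req.headers[session.csrf_name] = new_value
    return req


def bypass_status(original_response, repeated_response, tolerance=0.05):
    """Simplified heuristic (mine, not the extension's rules): a different status code means
    the server refused; same status and a body of about the same length means the action
    went through; same status but a clearly different body deserves a manual look."""
    if repeated_response.status_code() != original_response.status_code():
        return "NOT_BYPASSED"
    o_len, r_len = len(original_response.body), len(repeated_response.body)
    if abs(o_len - r_len) <= tolerance * max(o_len, 1):
        return "BYPASSED"
    return "POTENTIAL_BYPASS"


def toy_server(req):
    """Constructed target: any logged-in session may delete users if it presents its own
    CSRF token (the missing role check is deliberate so the demo finds something)."""
    cookie = req.headers.get("Cookie", "").rstrip(";").replace("; ", "&")
    sid = dict(parse_qsl(cookie)).get("session")
    tokens = {"admin123": "ADMINTOKEN", "user456": "USERTOKEN"}
    if sid not in tokens:
        return HttpMessage.parse("HTTP/1.1 302 Found\r\nLocation: /login\r\n\r\n")
    if dict(parse_qsl(req.body)).get("csrf") != tokens[sid]:
        return HttpMessage.parse("HTTP/1.1 403 Forbidden\r\n\r\nbad csrf token")
    return HttpMessage.parse('HTTP/1.1 200 OK\r\n\r\n{"deleted": 7}')


def run_demo():
    """Replay one admin request as normal_user (dynamic token) and unauthenticated (token removed)."""
    admin_request = HttpMessage.parse(
        "POST /admin/users/delete HTTP/1.1\r\nHost: app.example\r\nCookie: session=admin123\r\n"
        "Content-Type: application/x-www-form-urlencoded\r\n\r\ncsrf=ADMINTOKEN&id=7")
    sessions = [
        Session("normal_user", ["Cookie: session=user456;"], csrf_name="csrf"),
        Session("unauthenticated", ["Cookie: session=;"], csrf_name="csrf", csrf_mode=CSRF_REMOVE),
    ]
    # Constructed page normal_user saw earlier; the dynamic token is grepped from it.
    sessions[0].csrf_value = extract_csrf_token(
        '<form><input type="hidden" name="csrf" value="USERTOKEN"></form>', "csrf")
    original_response = toy_server(admin_request)
    return {s.name: bypass_status(original_response, toy_server(build_repeated_request(admin_request, s)))
            for s in sessions}
```

Running `run_demo()` reports `normal_user` as `BYPASSED` (the delete succeeded with the low-privilege cookie and its own token) and `unauthenticated` as `NOT_BYPASSED` (redirected to the login page). Two points carry over to using the real extension: every replayed request is actually executed for every role, so a state-changing action such as a delete runs once per session, and a same-status comparison can only be a heuristic, so any "potential" result still needs a manual diff of the two responses.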
Last updated: 13 November 2020
You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.
You can view the source code for this BApp by visiting our GitHub page.
Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.