[Burp-users] authorization problems

[Graham K. <ke...@sp...>]

Israel Bravo wrote:
> Server - burp-1.1.14 - Linux CentOS
> Client - burp-1.1.14 - Windows 7 32 bit and 64 bit (checked on two computers)
> After starting "burp -a b"  (immediately after installation) I get error messages (see attached snapshot).
> I don't understand why the message is "expected c:ok, got e:unable to authorise" - disk E is CD-ROM !

The screenshot was too big to be posted to the mailing list, but I have seen
it via the mailing list warning system. If you want to post screenshots,
you might should consider scaling it smaller and converting it to a compressed
image format like a jpg or a png, instead of a gif.

a) You need to use forward slashes in your include path ('/' instead of '\'),
or your backups will go funny once you start adding more than one
include/exclude.

b) When burp says "expected c:ok, got e:unable to authorise", it means that
it was expecting the server to say 'c:ok' (command ok) to the authorisation
request. But it actually got 'e:unable to authorise'. This means 'error -
unable to authorise', not something to do with your E drive.

You need to check that there is an entry for the client in
the clientconfdir on the server that matches the cname field in the client
burp.conf file, and that the password fields match.

So, in your client burp.conf file, there will be two lines like this:
cname = someclientname
password = somepassword

On the server, you will need to create a file named like this (assuming that
you have not changed the clientconfdir path in the server conf file):
/etc/burp/clientconfdir/someclientname

Inside that file on the server, you will need at least these options (assuming
that you have not created your own ssl certificates):
password = abcdefgh
ssl_peer_cn = grkeclient

c) Could you please reply to the list to indicate whether my answers are
helping you? It would be nice to know if the problems you report get resolved,
otherwise I will never know.