Re: [Burp-users] authorization problems
Brought to you by:
grke
Menu
▾
▴
Re: [Burp-users] authorization problems
|
From: Graham K. <ke...@sp...> - 2011-03-16 11:46:51
|
On Wed, Mar 16, 2011 at 11:44:28AM +0000, Graham Keeling wrote:
> Israel Bravo wrote:
> > Server - burp-1.1.14 - Linux CentOS
> > Client - burp-1.1.14 - Windows 7 32 bit and 64 bit (checked on two computers)
> > After starting "burp -a b" (immediately after installation) I get error messages (see attached snapshot).
> > I don't understand why the message is "expected c:ok, got e:unable to authorise" - disk E is CD-ROM !
>
> The screenshot was too big to be posted to the mailing list, but I have seen
> it via the mailing list warning system. If you want to post screenshots,
> you might should consider scaling it smaller and converting it to a compressed
> image format like a jpg or a png, instead of a gif.
>
> a) You need to use forward slashes in your include path ('/' instead of '\'),
> or your backups will go funny once you start adding more than one
> include/exclude.
>
> b) When burp says "expected c:ok, got e:unable to authorise", it means that
> it was expecting the server to say 'c:ok' (command ok) to the authorisation
> request. But it actually got 'e:unable to authorise'. This means 'error -
> unable to authorise', not something to do with your E drive.
>
> You need to check that there is an entry for the client in
> the clientconfdir on the server that matches the cname field in the client
> burp.conf file, and that the password fields match.
>
> So, in your client burp.conf file, there will be two lines like this:
> cname = someclientname
> password = somepassword
>
> On the server, you will need to create a file named like this (assuming that
> you have not changed the clientconfdir path in the server conf file):
> /etc/burp/clientconfdir/someclientname
>
> Inside that file on the server, you will need at least these options (assuming
> that you have not created your own ssl certificates):
> password = abcdefgh
> ssl_peer_cn = grkeclient
Sorry, typo - to make the example consistent, that should read:
password = somepassword
ssl_peer_cn = grkeclient
> c) Could you please reply to the list to indicate whether my answers are
> helping you? It would be nice to know if the problems you report get resolved,
> otherwise I will never know.
|
