Ensure Burp is running, and also ensure that the owaspbwa VM is running and that Burp is configured in the Firefox browser used to view owaspbwa applications.
- From the owaspbwa landing page, click the link to OWASP Mutillidae II application.
- Open Firefox browser to the home of OWASP Mutillidae II (URL: http://<your_VM_assigned_IP_address>/mutillidae/).
- Go to the login page and log in using the username ed and the password pentest.
- Switch to Burp's Proxy | HTTP history tab, find the login you just performed, right-click, and select Send to Intruder:
- Go to the Intruder | Positions tab, and clear all the payload markers, using ...