I was wondering if you have any idea what could lead to the following python stack trace when using the makeHttpRequest Burp extension API?
Traceback (most recent call last):
File "/root/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 903, in doActiveScan
self.do_checks(injector)
File "/root/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 1029, in do_checks
colab_tests.extend(self._xxe_xmp(injector, burp_colab))
File "/root/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 1029, in do_checks
colab_tests.extend(self._xxe_xmp(injector, burp_colab))
File "/root/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 2417, in _xxe_xmp
return x.do_collaborator_tests(injector, burp_colab, injector.opts.get_enabled_file_formats())
File "/root/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 5398, in do_collaborator_tests
c = self._send_collab(injector, burp_colab, types, basename, content, old_xmp, new_xmp, issue)
File "/root/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 5438, in _send_collab
urr = self._make_http_request(injector, req, redownload_filename=filename)
File "/root/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 4097, in _make_http_request
attack = self._callbacks.makeHttpRequest(service, req)
byc: burp.byc
I've never seen an error like "byc: burp.byc" before. What's "byc"?
Jython and Java version seems to be fine:
Jython version: 2.7.0 (default:9987c746f838, Apr 29 2015, 02:25:11)
[Java HotSpot(TM) 64-Bit Server VM (Oracle Corporation)]
Java version: 1.8.0_112
I got it as a github issue but don't know how I could help that poor soul:
https://github.com/modzero/mod0BurpUploadScanner/issues/21
↧