Proxy history is empty

[brianlam38]

This error keeps popping up when trying to run your example.

I am deploying burpa + burp-rest-api on a Docker container. Do I need to be doing anything else to make the automated scan work?

[oucema001]

Is there any fix for that issue?

[bbday]

Me also have same issue with example

[Xetzer]

Hello, I have the same issue. It seems that in my case problem is connected with non-standart ports.
I'm trying to run burpa with burp-rest-api in the following sequence:

java -jar burp-rest-api-1.0.3.jar --user-config-file=burp-default-user-options.json
curl -L -k -x 127.0.0.1:8080 http://example.com:8082
python burpa.py http://127.0.0.1 --action proxy-config
python burpa.py http://127.0.0.1 --action scan --include-scope http://example.com:8082 --report in-scope

burpa log:

[+] Retrieving the Burp proxy history ...
[-] Found 1 unique targets in proxy history
[+] Updating the scope ...
[-] http://example.com:8082 included in scope
[+] Active scan started ...
[-] http://example.com is not in the scope
[-] Scan in progress: %100
[+] Scan completed

burp-rest-api log:

Proxy: Proxy service started on *:8080
INFO 250 --- [tp1130958947-16] c.v.burp.extension.service.BurpService   : Getting Scanner percentage complete.
INFO 250 --- [tp1130958947-16] c.v.b.e.domain.internal.ScanQueueMap     : Scan Queue is empty. Returning the Percent Complete as 100%.

Am I doing something wrong?

[tristanlatr]

Hello,

I've forked this repository in order to fix the issues.

You can download the new version here: https://github.com/tristanlatr/burpa

I think this issue has been fixed since burpa version 0.2 uses the official Burp REST API in order to launch the scan, and you can supply the URL to be scanned from the CLI directly.

But about this issue: This version of burpa only loads the target list from the proxy history, so if you didn't send a HTTP request to your target through your Burp Proxy, nothing is going to show up.