Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Burpsuite Pro Integration Not Working #300

Closed
1N3 opened this issue Nov 11, 2020 · 3 comments
Closed

Burpsuite Pro Integration Not Working #300

1N3 opened this issue Nov 11, 2020 · 3 comments
Labels
help wanted

Comments

@1N3
Copy link
Owner

1N3 commented Nov 11, 2020

@digitizeddude

In response to zap not functioning the way i need it to for this one engagement, i pulled the trigger on purchasing Burpsuite pro because i need to get more web app information. I ran in to another issue with it however as it relates to sn1per/pro. I'm just trying to get integration working between BurpSuite Pro and i can't seem to get it to operate with Sniper Pro properly. I've removed Burp Community to be safe on Kali 2020.3 and i've installed Burp using the downloadable shell install script file from Portswigger. I know Burp Pro works because i can run it manually on targets. I've made the changes using the integration instructions found on the sn1per github project site. However, when i run the scan all i get is this below:
====================================================================================•x2020-11-11x•
RUNNING BURPSUITE SCAN
====================================================================================•x2020-11-11x•

[-] SCAN #1: [-] SCAN #2: [-] SCAN #3: [-] SCAN #4: [-] SCAN #5: [-] SCAN #6: [-] SCAN #7: [-] SCAN #8: [-] SCAN #9: [-] SCAN #10: [-] SCAN #11: [-] SCAN #12: [-] SCAN #13: [-] SCAN #14: [-] SCAN #15: [-] SCAN #16: [-] SCAN #17: [-] SCAN #18: [-] SCAN #19: [-] SCAN #20: [-] SCAN #21: [-] SCAN #22: [-] SCAN #23: [-] SCAN #24: [-] SCAN #25: [-] SCAN #26: [-] SCAN #27: [-] SCAN #28: [-] SCAN #29: [-] SCAN #30: [+] VULNERABILITIES:

The sn1per web scan doesn't get any further even though I've made the integration changes on the Burp suite Misc tab.
@1N3 1N3 mentioned this issue Nov 11, 2020
Closed
@digitizeddude
Copy link

FYI: I ran the sn1per scan on testfire.net and i got the same error.

@1N3
Copy link
Owner Author

1N3 commented Nov 12, 2020

Just tried testfire.net using the latest Kali and Burpsuite Pro releases and everything is working on my end. It seems that there is an error in communicating with the Burp API based on your output.

Please confirm the REST API config under User Options > Misc that the service is running and allowed without an API key and that the service URL is listening on all interfaces and listening on port 1338/tcp.

After, confirm your /root/.sniper.conf configuration has the following settings to match:

# BURP 2.0 SCANNER CONFIG
BURP_HOST="127.0.0.1"
BURP_PORT="1338"
BURP_SCAN="1"

I suspect either the Sn1per config doesn't match the Burp configuration or the Burp configuration is missing a crucial setting mentioned above. Let me know.

@1N3
Copy link
Owner Author

1N3 commented Dec 2, 2020

Closing out for now, but let me know if it's still an issue and I will re-open.

@1N3 1N3 closed this as completed Dec 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@1N3 @digitizeddude