Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

最新版插件仍然报错 #55

Closed
PolarPeak opened this issue Apr 11, 2024 · 3 comments
Closed

最新版插件仍然报错 #55

PolarPeak opened this issue Apr 11, 2024 · 3 comments

Comments

@PolarPeak
Copy link

面板没数据
image

日志
image
image

java.lang.NullPointerException: Cannot invoke "burp.IHttpRequestResponse.getResponse()" because "newHttpRequestResponse" is null
	at burp.application.apitypes.soap.ApiTypeSoap.urlAddPath(ApiTypeSoap.java:105)
	at burp.application.apitypes.soap.ApiTypeSoap.isFingerprintMatch(ApiTypeSoap.java:67)
	at burp.application.ApiScanner$1.run(ApiScanner.java:40)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
	at java.base/java.lang.Thread.run(Thread.java:832)

java.lang.NullPointerException: Cannot invoke "burp.IHttpRequestResponse.getResponse()" because "newHttpRequestResponse" is null
	at burp.application.apitypes.rest.ApiTypeRest.urlAddPath(ApiTypeRest.java:104)
	at burp.application.apitypes.rest.ApiTypeRest.isFingerprintMatch(ApiTypeRest.java:55)
	at burp.application.ApiScanner$1.run(ApiScanner.java:40)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
	at java.base/java.lang.Thread.run(Thread.java:832)

java.lang.NullPointerException: Cannot invoke "burp.IHttpRequestResponse.getResponse()" because "newHttpRequestResponse" is null
	at burp.application.apitypes.swagger.ApiTypeSwagger.urlAddPath(ApiTypeSwagger.java:132)
	at burp.application.apitypes.swagger.ApiTypeSwagger.isFingerprintMatch(ApiTypeSwagger.java:71)
	at burp.application.ApiScanner$1.run(ApiScanner.java:40)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
	at java.base/java.lang.Thread.run(Thread.java:832)

java.lang.NullPointerException: Cannot invoke "burp.IHttpRequestResponse.getResponse()" because "newHttpRequestResponse" is null
	at burp.application.apitypes.swagger.ApiTypeSwagger.urlAddPath(ApiTypeSwagger.java:132)
	at burp.application.apitypes.swagger.ApiTypeSwagger.isFingerprintMatch(ApiTypeSwagger.java:74)
	at burp.application.ApiScanner$1.run(ApiScanner.java:40)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
	at java.base/java.lang.Thread.run(Thread.java:832)

java.lang.NullPointerException: Cannot invoke "burp.IHttpRequestResponse.getResponse()" because "newHttpRequestResponse" is null
	at burp.application.apitypes.rest.ApiTypeRest.urlAddPath(ApiTypeRest.java:104)
	at burp.application.apitypes.rest.ApiTypeRest.isFingerprintMatch(ApiTypeRest.java:59)
	at burp.application.ApiScanner$1.run(ApiScanner.java:40)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
	at java.base/java.lang.Thread.run(Thread.java:832)

java.lang.NullPointerException: Cannot invoke "burp.IHttpRequestResponse.getResponse()" because "newHttpRequestResponse" is null
	at burp.application.apitypes.soap.ApiTypeSoap.urlAddPath(ApiTypeSoap.java:105)
	at burp.application.apitypes.soap.ApiTypeSoap.isFingerprintMatch(ApiTypeSoap.java:69)
	at burp.application.ApiScanner$1.run(ApiScanner.java:40)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
	at java.base/java.lang.Thread.run(Thread.java:832)

java.lang.NullPointerException: Cannot invoke "java.net.URL.getPort()" because "url" is null
	at burp.CookieManager.urlToOrigin(CookieManager.java:54)
	at burp.CookieManager.processHttpMessage(CookieManager.java:106)
	at burp.fbl.run(Unknown Source)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
	at java.base/java.lang.Thread.run(Thread.java:832)
java.lang.NullPointerException: Cannot invoke "burp.IHttpRequestResponse.getResponse()" because "newHttpRequestResponse" is null
	at burp.application.apitypes.rest.ApiTypeRest.urlAddPath(ApiTypeRest.java:104)
	at burp.application.apitypes.rest.ApiTypeRest.isFingerprintMatch(ApiTypeRest.java:59)
	at burp.application.ApiScanner$1.run(ApiScanner.java:40)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
	at java.base/java.lang.Thread.run(Thread.java:832)

java.lang.NullPointerException: Cannot invoke "burp.IHttpRequestResponse.getResponse()" because "newHttpRequestResponse" is null
	at burp.application.apitypes.swagger.ApiTypeSwagger.urlAddPath(ApiTypeSwagger.java:132)
	at burp.application.apitypes.swagger.ApiTypeSwagger.isFingerprintMatch(ApiTypeSwagger.java:74)
	at burp.application.ApiScanner$1.run(ApiScanner.java:40)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
	at java.base/java.lang.Thread.run(Thread.java:832)

java.lang.NullPointerException: Cannot invoke "burp.IHttpRequestResponse.getResponse()" because "newHttpRequestResponse" is null
	at burp.application.apitypes.soap.ApiTypeSoap.urlAddPath(ApiTypeSoap.java:105)
	at burp.application.apitypes.soap.ApiTypeSoap.isFingerprintMatch(ApiTypeSoap.java:69)
	at burp.application.ApiScanner$1.run(ApiScanner.java:40)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
	at java.base/java.lang.Thread.run(Thread.java:832)
@yuligesec
Copy link
Contributor

这个报错是因为拿不到返回包,是点autoscan触发?注意点autoscan的时候要有返回包

@fbanjin
Copy link

fbanjin commented Apr 11, 2024

主面板没东西

output:

Scanning	https://g.alicdn.com:443/sd/baxia/2.5.11/
Scanning	https://img.alicdn.com:443/tfs/
Scanning	https://webmail.lopevi.yuntrial.com:443/api/
Scanning	https://g.alicdn.com:443/AWSC/et/1.77.4/
存在敏感数据泄漏,类型为:OSSKey泄漏,匹配到关键字:ACCESSKEY
正在对 https://log.mmstat.com 进行已识别的目录扫描
Scanning	https://static.gdapi.cn:443/retcode/

error 输出

Caused by: java.lang.NullPointerException: Cannot invoke "Object.toString()" because "objects[2]" is null
	at burp.core.processor.DataProcessingUnit.lambda$matchContentByRegex$2(DataProcessingUnit.java:71)
	at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:184)
	at java.base/java.util.HashMap$KeySpliterator.forEachRemaining(HashMap.java:1715)
	at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:509)
	at java.base/java.util.stream.ForEachOps$ForEachTask.compute(ForEachOps.java:291)
	at java.base/java.util.concurrent.CountedCompleter.exec(CountedCompleter.java:754)
	at java.base/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:387)
	at java.base/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1312)
	at java.base/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1843)
	at java.base/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1808)
	at java.base/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:188)

@yuligesec
Copy link
Contributor

主面板没东西

output:

Scanning	https://g.alicdn.com:443/sd/baxia/2.5.11/
Scanning	https://img.alicdn.com:443/tfs/
Scanning	https://webmail.lopevi.yuntrial.com:443/api/
Scanning	https://g.alicdn.com:443/AWSC/et/1.77.4/
存在敏感数据泄漏,类型为:OSSKey泄漏,匹配到关键字:ACCESSKEY
正在对 https://log.mmstat.com 进行已识别的目录扫描
Scanning	https://static.gdapi.cn:443/retcode/

error 输出

Caused by: java.lang.NullPointerException: Cannot invoke "Object.toString()" because "objects[2]" is null
	at burp.core.processor.DataProcessingUnit.lambda$matchContentByRegex$2(DataProcessingUnit.java:71)
	at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:184)
	at java.base/java.util.HashMap$KeySpliterator.forEachRemaining(HashMap.java:1715)
	at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:509)
	at java.base/java.util.stream.ForEachOps$ForEachTask.compute(ForEachOps.java:291)
	at java.base/java.util.concurrent.CountedCompleter.exec(CountedCompleter.java:754)
	at java.base/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:387)
	at java.base/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1312)
	at java.base/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1843)
	at java.base/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1808)
	at java.base/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:188)

没有扫到API文档就不会显示结果

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@yuligesec @PolarPeak @fbanjin