Freezes in scanner
I've have problems running the scanner in 1.6.09, it's very unreliable.
It just stopps scanning for no obvious reason, but it is a least not frozen. I can then save the state, kill Burp and reload the state. The scan will then continue for a few more URLs before freezing again. I have tried to set down the number of concurrent connections to just one, but it still just stops. The web site isn't frozen since it is nicely browsable in my browser. I can't figure out why this happens since it will get past the last point were it stopped after a complete re-load of Burp. It does however make testing very painful since I only get a few URLs scanned between every freeze.
Sorry to hear about this problem. We aren’t seeing this in our own testing. Is there some feature of the application that might explain why Burp’s requests sometimes grind to a halt? Have you tried changing the timeout/retry values at Scanner / Options / Active Scanning Engine.
In terms of troubleshooting, you could use the Custom Logger extension in the BApp Store to view a log of all requests made by Burp, so you can at least see which requests have been recently made at any time.
Once I moved to Kali I noticed a big difference. I notice that Kali 2 is using OpenJDK and not Oracle. The other difference is that I had some extensions. So I will add them one by one and see if the same behaviour occurs.
It would be worth trying the different Java vendor, yes. If you see problems with a particular extension, let us know which one and we’ll investigate.
I'm still having this issue with version 1.7.35 on Windows 10. Was wondering if anyone has found a decent solution? I'm using no extentions, so the problem isn't specific to J2EEScan. I may be close by reducing timeouts and threads (concurrent request limit), but was curious if anyone had found some magic.
I'm still having this issue on Windows 10 with the new 2.1 Burp Suite release. To be clear, I was having it on 1.7.37 and upgraded in hopes it would be resolved (before this I was using it on Kali Linux and had the same issue). The scanner seems to get through passive scanning just fine but freezes on the first stage of active scanning. I can completely exit/restart and it will run for a few hundred requests before crashing again.
Logger++ and Flow installed to troubleshoot, already followed the posted guides and tinkered with threads/timeouts.
The site I'm scanning is not large at all (~20 pages) and the scanner runs up to 100,000+ requests to no avail. All informational/irrelevant checks and static analysis are disabled. I am using Firefox 68.0.
Any help would be much appreciated. Burp support reps please note that if it has been listed above I've already tried it.
Andy, when you say that Burp crashes, do you mean that it becomes unresponsive? Or is it just that the scanning task freezes?
Could you send an email to email@example.com with a screenshot of your Dashboard when the scanning freezes? Ensure all filters are switched on in the Event log and that all the Tasks are visible.
I realise you said that you’ve tried everything listed above, but it was a bit ambigious as to whether it was suggested that you disable all installed Extensions. Could you just clarify on that one, please?
Chris, sorry for the delay in response.
Would it be possible to send us your debug ID (firstname.lastname@example.org)?
Is the site you are testing publicly accessible?