Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burp Collaborator WAF triggering/not obeying options

Ciaran | Last updated: Feb 11, 2018 12:52AM UTC

Hey, I am currently using Burp to run an assessment on a website. They use Incapsula as a WAF, which is being triggered very frequently. At first I thought it might be related to spidering too fast, but I modified the spider to go extremely slow which didn't help. I then tried browsing the site without proxying through Burp and everything worked as expected. I tried to disable collaborator in the project misc settings but it is still injecting payloads in several HTTP headers. WAF error. " Error code 15 This request was blocked by the security rules 2018-02-11 00:49:47 UTC Your IP 52.56.127.52 Proxy IP 107.154.76.95 " Any help would be appreciated.

Burp User | Last updated: Feb 11, 2018 01:03AM UTC

I found a temporary solution by unloading the extension in the Extender tab. I had presumed that the collaborator was part of the core engine. Regardless there still seems to be an issue that it does not respect the option set in Project options -> Misc

PortSwigger Agent | Last updated: Feb 12, 2018 10:02AM UTC

Hi Ciaran, Thanks for your message. And good to hear that you got a temporary solution. There is a known bug that extensions need to be restarted to pick up changes in Collaborator settings. It's on the development plan although it may be a little while until this is looked at. We'll let you know when we make progress. Many thanks for the information and apologies for the inconvenience. Now that you have an account with us you won't experience further difficulties. We have fulfilled your order and have sent you a separate email with instructions for downloading the software and license key. Please let us know if you need any further assistance.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.