Burp Collaborator sending high volume of Emails
We ran Burp Suite and used its service for spidering the pages. Since we used it, we have been getting a high volume of emails (5000+) coming from Burp Collaborator. We have closed Burp Suite but we are still getting emails from Burp Collaborator. Would you please look into this and confirm the immediate solution for us?
You should use Burp to locate the source of these interactions and harden your application accordingly.
Burp automatically continues to poll for interactions when you open the project. If your application has interacted with the collaborator, this would be reported by Burp.
In general, any Collaborator-related payload that Burp sends to the target application might cause deferred interactions with the Collaborator server. This can happen in two main ways:
Conventional storage and later processing of input, e.g. stored SQL injection.
Immediate asynchronous processing, e.g. by a mail spooler.
When Burp polls the Collaborator server to retrieve details of any interactions that were triggered by a given test, it will also receive details of any deferred interactions that have resulted from its earlier tests. Burp can then report the relevant issues to the user retrospectively.
Because every Collaborator payload that Burp sends to the target includes a unique, one-time random identifier, when a deferred interaction occurs, Burp can use the identifier to pinpoint exactly where the payload originated, including the original request, the insertion point and the full payload.
Please let us know if you need any further assistance.
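The reply above notes that stored payloads keep triggering interactions and that each payload carries a unique identifier. The following is an added example, not part of the thread and not PortSwigger's code, of searching exported application data for stored Collaborator hostnames so the affected records can be found and cleaned up. It assumes the scan used the public Collaborator domains `burpcollaborator.net` or `oastify.com` and that identifiers are alphanumeric labels of at least 10 characters; the record sources, field names and identifiers are constructed.

```python
import re
from collections import defaultdict

# Assumption: the public Collaborator server was used. Replace these with
# your own domain if a private Collaborator server was configured.
COLLABORATOR_DOMAINS = ("burpcollaborator.net", "oastify.com")

# Assumption: the identifier is the alphanumeric label directly in front of
# the Collaborator domain, at least 10 characters long.
PAYLOAD_RE = re.compile(
    r"\b([a-z0-9]{10,})\.("
    + "|".join(re.escape(d) for d in COLLABORATOR_DOMAINS)
    + r")\b",
    re.IGNORECASE,
)

def find_stored_payloads(records):
    """Map each Collaborator identifier to the (source, field) pairs holding it.

    records: iterable of (source, field, text) tuples, e.g. rows exported
    from the application's tables or entries read from a mail queue.
    """
    hits = defaultdict(list)
    for source, field, text in records:
        for match in PAYLOAD_RE.finditer(text or ""):
            hits[match.group(1).lower()].append((source, field))
    return dict(hits)

def sources_by_volume(hits):
    """Rank sources by how many stored payloads they hold, highest first."""
    counts = defaultdict(int)
    for locations in hits.values():
        for source, _field in locations:
            counts[source] += 1
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))

# Constructed sample records; sources, fields and identifiers are hypothetical.
SAMPLE_RECORDS = [
    ("contact_form", "email", "test@k2v9q0x7m1n4b8c3z6p5.burpcollaborator.net"),
    ("contact_form", "message", "see http://h4j8l2d6f0s3a7g1k5m9.burpcollaborator.net/"),
    ("newsletter_signup", "email", "a@W8E7R6T5Y4U3I2O1P0AS.oastify.com"),
    ("contact_form", "email", "real.customer@example.com"),
    ("user_profile", "bio", None),
]

if __name__ == "__main__":
    for source, count in sources_by_volume(find_stored_payloads(SAMPLE_RECORDS)):
        print(f"{source}: {count} stored payload(s)")
```

The sources with the most hits are the first places to check for a mail spooler or scheduled job that keeps processing the stored values.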
Thanks for the prompt response. As mentioned by you in this line:
"Burp automatically continues to poll for interactions when you open the project. If your application has interacted with the collaborator, this would be reported by Burp."
When the poll interacts with the project - here I have deleted the project from my Burp Suite, but we are still getting a high number of emails. I still have no luck with this.
Please assist if there is any other point we need to notice here.
You should run the scan again to locate the issue and harden your application accordingly / fix the issue.