Burp Suite User Forum

Burp Collaborator sending high volume of Emails

Ankit | Last updated: Nov 06, 2018 07:12AM UTC

Hi Team,

We ran Burp Suite and used its service for spidering the pages. Since we have used it, we are getting a high volume of emails (5000+) coming from Burp Collaborator. We have closed Burp Suite but we are still getting emails from Burp Collaborator. Would you please look into this and confirm the immediate solution for us?

Thank you!
Ankit Mishra

Liam, PortSwigger Agent | Last updated: Nov 06, 2018 09:08AM UTC

You should use Burp to locate the source of these interactions and harden your application accordingly. Burp automatically continues to poll for interactions when you open the project. If your application has interacted with the collaborator, this would be reported by Burp.

- https://portswigger.net/blog/introducing-burp-collaborator

In general, any Collaborator-related payload that Burp sends to the target application might cause deferred interactions with the Collaborator server. This can happen in two main ways:

- Conventional storage and later processing of input, e.g. stored SQL injection.
- Immediate asynchronous processing, e.g. by a mail spooler.

When Burp polls the Collaborator server to retrieve details of any interactions that were triggered by a given test, it will also receive details of any deferred interactions that have resulted from its earlier tests. Burp can then report the relevant issues to the user retrospectively.

Because every Collaborator payload that Burp sends to the target includes a unique, one-time random identifier, when a deferred interaction occurs, Burp can use the identifier to pinpoint exactly where the payload originated, including the original request, the insertion point and the full payload.

Please let us know if you need any further assistance.
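
Added example, not part of the original reply and not PortSwigger code: one way to see which stored payloads keep triggering mail is to group the mail server's outbound log by the Collaborator identifier in each recipient address. It assumes a Postfix-style log and the public Collaborator domain `burpcollaborator.net`; the log lines, identifiers and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Assumption: the scan used the public Collaborator domain; substitute your
# private Collaborator domain if one was configured.
COLLAB_DOMAIN = "burpcollaborator.net"

# Constructed, simplified Postfix-style delivery lines (not real log data).
SAMPLE_LOG = """\
Nov  6 07:01:12 mx1 postfix/smtp[2211]: 3F2A1C0: to=<signup@idaaa111.burpcollaborator.net>, status=deferred
Nov  6 07:01:40 mx1 postfix/smtp[2211]: 3F2A1C1: to=<signup@idaaa111.burpcollaborator.net>, status=deferred
Nov  6 07:02:05 mx1 postfix/smtp[2214]: 3F2A1C2: to=<user@example.org>, status=sent
Nov  6 07:03:19 mx1 postfix/smtp[2214]: 3F2A1C3: to=<x@probe.idbbb222.burpcollaborator.net>, status=deferred
Nov  6 07:05:51 mx1 postfix/smtp[2215]: 3F2A1C4: to=<signup@idaaa111.burpcollaborator.net>, status=deferred
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\spostfix/\w+\[\d+\]:\s"
    r"(?P<qid>[0-9A-F]+):\sto=<(?P<rcpt>[^>]+)>"
)

def collaborator_id(recipient):
    """Return the payload identifier label, or None for any other address."""
    domain = recipient.rpartition("@")[2].lower().rstrip(".")
    suffix = "." + COLLAB_DOMAIN
    if not domain.endswith(suffix):      # rejects look-alike domains too
        return None
    # Assumed layout: the identifier is the label directly left of the domain.
    return domain[: -len(suffix)].split(".")[-1]

def summarise(log_text):
    """Group outbound mail by Collaborator identifier, busiest first."""
    stats = defaultdict(lambda: {"count": 0, "first": None, "last": None, "queue_ids": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        ident = collaborator_id(m["rcpt"]) if m else None
        if ident is None:
            continue
        s = stats[ident]
        s["count"] += 1
        s["first"] = s["first"] or m["ts"]
        s["last"] = m["ts"]
        s["queue_ids"].add(m["qid"])
    return sorted(stats.items(), key=lambda kv: -kv[1]["count"])

if __name__ == "__main__":
    for ident, s in summarise(SAMPLE_LOG):
        print(f"{ident}: {s['count']} mails, {s['first']} to {s['last']}")
```

Searching the application's data store for an identifier reported here is one way to find the stored value that the mail job keeps processing.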

Burp User | Last updated: Nov 06, 2018 03:21PM UTC

Hi Liam,

Thanks for the prompt response. As mentioned by you in this line: "Burp automatically continues to poll for interactions when you open the project. If your application has interacted with the collaborator, this would be reported by Burp."

When poll interacts with the project - here I have deleted the project from my Burp Suite, but we are still getting a high number of emails. I still have no luck from this. Please assist if there is any other point we need to notice here.

Liam, PortSwigger Agent | Last updated: Nov 06, 2018 03:48PM UTC

You should run the scan again to locate the issue and harden your application accordingly / fix the issue.