Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Burp 2.0 extension-only audit

Omar May 19, 2019 07:56PM UTC

I have a local page that I use to test for LFI attacks, when I used to run active scan against this page in Burp 1.7.37, I get the attack detected by different extensions, e.g. J2EEScan.
I tried to scan the same page in Burp 2.20beta with the extension-only audit. However, I got no results and by checking the logs I don't see any of the extension packets, only maybe Active Scan++ but no J2EEScan nor Scan Check Builder packets.
I used the jar file for Burp2.20beta. Would you have an idea why such an issue took place and if there is a way to get extension-only audit to work with the above mentioned extensions?


Rose Krawczuk May 20, 2019 08:28AM UTC Support Center agent

When you select the extension via Extender > Extensions, do you see anything in the Errors tab?


Omar May 20, 2019 08:41AM UTC
No, there are no errors. I reinstalled the extension again, yet no scans are carried out by the extension. i.e. J2EEScan

Paul Johnston May 20, 2019 02:45PM UTC Support Center agent

Omar – I just checked with Burp 2.0.20 on MacOS and J2EEScan was correctly generating requests in an extension only audit. I was able to view the requests in Logger++

Are you on a different platform? Are you able to see J2EEScan requests in Logger++ ?


Omar May 21, 2019 02:27PM UTC
I am testing in a Kali VM, I use the flow extension to check for the traffic, I searched for the J2EEScan payload in version Burp 2.0.20beta and I didn't find it there. Another point, I see that as per the dashboard I got 16 exceptions of connection reset, while in the stable version I got none.
I know that the extension is loaded and is working properly as I can see some of the passive checks already in the target section, my problem is with the active scanning in the beta version.

Rose Krawczuk May 30, 2019 09:04AM UTC Support Center agent

Omar, sorry for the delay in getting back to you. Burp extensions are developed by third party developers. We’d recommend contacting the authors with this issue:

- https://github.com/ilmila/J2EEScan


Enrico M Sep 08, 2019 11:55AM UTC
Hello Omar,

I'm the mantainer of J2EEScan, if you still have problems with the stable burp 2.x please let me know, using github.

Regards,
Enrico

Rose Krawczuk Sep 09, 2019 06:36AM UTC Support Center agent

Enrico, thanks for getting back to this customer, we really appreciate it.


Post Your public answer

Your name
Your email address
Answer