PortSwigger / backslash-powered-scanner

Finds unknown classes of injection vulnerabilities

java.lang.ArithmeticException #14

Closed Hipapheralkus closed 6 years ago

Hipapheralkus commented 6 years ago

Hi, usually I see java.lang.NullPointerException, but this time I have many instances of java.lang.ArithmeticException:

java.lang.ArithmeticException: / by zero
    at burp.DiffingScan.findReflectionIssues(DiffingScan.java:425)
    at burp.FastScan.doActiveScan(BurpExtender.java:105)
    at burp.dhd.run(Unknown Source)
    at java.lang.Thread.run(Thread.java:745)
java.lang.ArithmeticException: / by zero
    at burp.DiffingScan.findReflectionIssues(DiffingScan.java:425)
    at burp.FastScan.doActiveScan(BurpExtender.java:105)
    at burp.dhd.run(Unknown Source)
    at java.lang.Thread.run(Thread.java:745)
java.lang.ArithmeticException: / by zero
    at burp.DiffingScan.findReflectionIssues(DiffingScan.java:425)
    at burp.FastScan.doActiveScan(BurpExtender.java:105)
    at burp.dhd.run(Unknown Source)
    at java.lang.Thread.run(Thread.java:745)
java.lang.ArithmeticException: / by zero
    at burp.DiffingScan.findReflectionIssues(DiffingScan.java:425)
    at burp.FastScan.doActiveScan(BurpExtender.java:105)
    at burp.dhd.run(Unknown Source)
    at java.lang.Thread.run(Thread.java:745)
java.lang.ArithmeticException: / by zero
    at burp.DiffingScan.findReflectionIssues(DiffingScan.java:425)
    at burp.FastScan.doActiveScan(BurpExtender.java:105)
    at burp.dhd.run(Unknown Source)
    at java.lang.Thread.run(Thread.java:745)
java.lang.ArithmeticException
java.lang.ArithmeticException
java.lang.ArithmeticException
java.lang.ArithmeticException
java.lang.ArithmeticException
java.lang.ArithmeticException
java.lang.ArithmeticException
java.lang.ArithmeticException
java.lang.ArithmeticException

Not sure if the fix was part of https://github.com/PortSwigger/backslash-powered-scanner/issues/13 or if it is something new entirely, which may impede the scanning. Thanks.

albinowax commented 6 years ago

Hmm, this looks like an old bug reappearing. Can you attach a screenshot of your Backslash settings?

albinowax commented 6 years ago

Thanks for reporting this, it was a pretty bad bug. I've fixed it now, and I'll do a BApp store update too.

https://github.com/PortSwigger/backslash-powered-scanner/commit/9cebf4748d1adffe8d81ccb0d2d2224a2766a58f