Burp Suite Automation keeps failing while fuzzing

justmorpheus / burp-automation

Performing automated scan using Burp Suite Pro & Vmware Burp Rest API

GNU General Public License v3.0

47 stars 13 forks source link

Burp Suite Automation keeps failing while fuzzing #1

Closed infa-ritranjan closed 3 years ago

infa-ritranjan commented 3 years ago

burp suite automation is starting after I'm inputting this command python3 -m robot -d output fuzzing.robot, but the process keeps failing. Could you let me know why? Screenshot from 2021-08-18 14-24-44

captainbarber99 commented 3 years ago

burp suite automation is starting after I'm inputting this command python3 -m robot -d output fuzzing.robot, but the process keeps failing. Could you let me know why?

@ritikaranjan15 Did you check the client_secrets.json . I think it is missing client_id. The code is running scuccesfully and scan is complete but when python is trying to upload the files into google drive then it is causing issue. You need to check client_secrets.json. Sample is attached. {"web":{"client_id":"sddssddsds.apps.googleusercontent.com","project_id":"eng-bloom-12334","auth_uri":"https://accounts.google.com/o/oauth2/auth","token_uri":"https://oauth2.googleapis.com/token","auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs","client_secret":"Idsdddssddsdssd","redirect_uris":["http://localhost:8080/"],"javascript_origins":["http://localhost:8080"]}}

infa-ritranjan commented 3 years ago

Screenshot from 2021-08-19 18-51-18 @justmorpheus Could you help me out with this error? I configured the google drive and client id is added in client secrets json now.

captainbarber99 commented 3 years ago

@ritikaranjan15 Please remove


    log to console  ${\n}Gdrive Status: ${GDRIVE}"${\n}```

    From the fuzzing.robot

    Hence the function won't be called.

captainbarber99 commented 3 years ago

@ritikaranjan15 for generating the keys you can visit official pydrive https://pythonhosted.org/PyDrive/quickstart.html or Use https://gist.githubusercontent.com/justmorpheus/3c0f1f1034bc9532afa45fd27fe0dcb4/raw/12ced55441772692960bb9e19de2ccdc73c1910f/oauth-quickstart.py

Run oauth-quickstart.py with client_secrets.json in the same folder. It will generate the correct keys.

Refer: https://infosecwriteups.com/burp-automation-automating-burp-scanning-via-rest-api-robot-framework-using-python3-78aebdd35c53

infa-ritranjan commented 3 years ago

@ritikaranjan15 Please remove

    log to console  ${\n}Gdrive Status: ${GDRIVE}"${\n}```

    From the fuzzing.robot

    Hence the function won't be called.

@justm0rph3u5 I did this but it's still failing. Removed the whole log to console line after ${GDRIVE}

infa-ritranjan commented 3 years ago

Screenshot from 2021-08-23 10-13-39 @justm0rph3u5 @justmorpheus I keep getting this error even after altering the fuzzing.robot file as you suggested. What should I do?