modzero / mod0BurpUploadScanner

HTTP file upload scanner for Burp Proxy

UploadScanner bug #27

Closed dorkerdevil closed 6 years ago

dorkerdevil commented 6 years ago

Traceback (most recent call last):
  File "C:\Users\example\AppData\Roaming\BurpSuite\bapps\b2244cbb6953442cb3c82fa0a0d908fa\UploadScanner.py", line 919, in doActiveScan
    self.do_checks(injector)
  File "C:\Users\example\AppData\Roaming\BurpSuite\bapps\b2244cbb6953442cb3c82fa0a0d908fa\UploadScanner.py", line 985, in do_checks
    self._sanity_check(injector)
  File "C:\Users\example\AppData\Roaming\BurpSuite\bapps\b2244cbb6953442cb3c82fa0a0d908fa\UploadScanner.py", line 985, in do_checks
    self._sanity_check(injector)
  File "C:\Users\example\AppData\Roaming\BurpSuite\bapps\b2244cbb6953442cb3c82fa0a0d908fa\UploadScanner.py", line 1154, in _sanity_check
    self._send_simple(injector, types, "SanityCheck", content, redownload=False, randomize=False)
  File "C:\Users\example\AppData\Roaming\BurpSuite\bapps\b2244cbb6953442cb3c82fa0a0d908fa\UploadScanner.py", line 4028, in _send_simple
    urrs.append(self._make_http_request(injector, req))
  File "C:\Users\example\AppData\Roaming\BurpSuite\bapps\b2244cbb6953442cb3c82fa0a0d908fa\UploadScanner.py", line 4181, in _make_http_request
    attack = self._callbacks.makeHttpRequest(service, req)
RuntimeException: java.lang.RuntimeException

Upload Scanner Version: 1.0.5

Jython version: 2.7.0 (default:9987c746f838, Apr 29 2015, 02:25:11) 
[Java HotSpot(TM) 64-Bit Server VM (Oracle Corporation)]
Java version: 1.8.0_77
Burp version: Burp Suite Professional 1.7 30
Command line arguments: -Xmx1G
Was loaded from BApp: True

floyd-fuh commented 6 years ago

Well, this is probably not the fault of the extension. I don't know why makeHttpRequest would ever throw a RuntimeException on something that is coming from a request.

floyd-fuh commented 6 years ago

The most likely explanation, by the way: you ran low on RAM, as you gave Burp only 1GB with -Xmx1G.

If you think you can provide more details, feel free to reopen this issue.