search

modzero / mod0BurpUploadScanner

HTTP file upload scanner for Burp Proxy
Other
483 stars 138 forks source link

Some Bug, fam #55

Open scumdestroy opened 5 years ago

scumdestroy commented 5 years ago 
Traceback (most recent call last):
  File "C:\Users\scumd\AppData\Roaming\BurpSuite\bapps\b2244cbb6953442cb3c82fa0a0d908fa\UploadScanner.py", line 981, in doActiveScan
    self.do_checks(injector)
  File "C:\Users\scumd\AppData\Roaming\BurpSuite\bapps\b2244cbb6953442cb3c82fa0a0d908fa\UploadScanner.py", line 1073, in do_checks
    colab_tests.extend(self._magick(injector, burp_colab))
  File "C:\Users\scumd\AppData\Roaming\BurpSuite\bapps\b2244cbb6953442cb3c82fa0a0d908fa\UploadScanner.py", line 1073, in do_checks
    colab_tests.extend(self._magick(injector, burp_colab))
  File "C:\Users\scumd\AppData\Roaming\BurpSuite\bapps\b2244cbb6953442cb3c82fa0a0d908fa\UploadScanner.py", line 1457, in _magick
    colabs.extend(self._send_collaborator(injector, burp_colab, types, basename, content, issue, replace=replace))
  File "C:\Users\scumd\AppData\Roaming\BurpSuite\bapps\b2244cbb6953442cb3c82fa0a0d908fa\UploadScanner.py", line 4296, in _send_collaborator
    urr = self._make_http_request(injector, req)
  File "C:\Users\scumd\AppData\Roaming\BurpSuite\bapps\b2244cbb6953442cb3c82fa0a0d908fa\UploadScanner.py", line 4380, in _make_http_request
    attack = self._callbacks.makeHttpRequest(service, req)
RuntimeException: java.lang.RuntimeException: timbanbonphuong.vn

Upload Scanner Version: 1.0.8

Extension code location: doActiveScan
Jython version: 2.7.1 (default:0df7adb1b397, Jun 30 2017, 19:02:43) 
[Java HotSpot(TM) 64-Bit Server VM (Oracle Corporation)]
Java version: 1.8.0_221
Burp version: Burp Suite Professional 2.0 11beta
Command line arguments: 
Was loaded from BApp: True
Request: 'POST /requests.php?f=update_user_avatar_picture HTTP/1.1\r\nHost: timbanbonphuong.vn\r\nUser-Agent:
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0\r\nAccept: */*\r
\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Requested-With:
XMLHttpRequest\r\nContent-Type: multipart/form-data;
boundary=---------------------------18467633426500\r\nContent-Length: 656869\r\nOrigin:
https://timbanbonphuong.vn\r\nConnection: close\r\nReferer:
https://timbanbonphuong.vn/timbothedarkrider/activities\r\nCookie:
PHPSESSID=c8ec512421cf8a3849358ed6d00a1a14; ad-con=a%3A2%3A%7Bs%3A4%3A%26quot%3Bdate%26quot%3B%3Bs%3
A10%3A%26quot%3B2019-10-31%26quot%3B%3Bs%3A3%3A%26quot%3Bads%26quot%3B%3Ba%3A0%3A%7B%7D%7D;
_us=1572609598; mode=night; access=1; src=1; _ga=GA1.2.1244557395.1572521717;
_gid=GA1.2.1772378144.1572521717; cookieconsent_status=dismiss; user_id=bce559e36595551f0e8b344d280e
2b99b111a2d4fca6d27ee85743738d6b9ece9f993a8c38364111680390c55bbd9ce416d1d6...