Traceback (most recent call last):
File "/Users/rwiggins/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 982, in doActiveScan
self.do_checks(injector)
File "/Users/rwiggins/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 1089, in do_checks
self._php_rce(injector)
File "/Users/rwiggins/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 1089, in do_checks
self._php_rce(injector)
File "/Users/rwiggins/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 1726, in _php_rce
self._servercode_rce_backdoored_file(injector, self._php_gen_payload,
File "/Users/rwiggins/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 1958, in _servercode_rce_backdoored_file
for payload, expect, name, ext, content in bi.get_files(size, payload_func, formats):
File "/Users/rwiggins/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 5746, in get_files
for payload, expect, name, ext, c in self.get_exiftool_images(payload_func, size, formats):
File "/Users/rwiggins/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 5770, in get_exiftool_images
x = ImageHelpers.new_image(size[0], size[1], ext[1:])
File "/Users/rwiggins/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 4649, in new_image
g2d.setColor(Color(color))
File "/Users/rwiggins/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 4649, in new_image
g2d.setColor(Color(color))
IllegalAccessException: java.lang.IllegalAccessException: class org.python.core.PyReflectedFunction cannot access class sun.java2d.SunGraphics2D (in module java.desktop) because module java.desktop does not export sun.java2d to unnamed module @4f5fe474
Upload Scanner Version: 1.0.8a
Extension code location: doActiveScan
Jython version: 2.7.0 (default:9987c746f838, Apr 29 2015, 02:25:11)
[OpenJDK 64-Bit Server VM (Oracle Corporation)]
Java version: 17.0.2
Burp version: Burp Suite Professional 2022 3.6
Command line arguments:
Was loaded from BApp: True
Request: 'POST /wp-json/contact-form-7/v1/contact-forms/81/feedback HTTP/1.1\r\nHost: wordpress.lan\r\nUser-
Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:99.0) Gecko/20100101 Firefox/99.0\r\nAccept:
application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-
Encoding: gzip, deflate\r\nX-Requested-With: XMLHttpRequest\r\nContent-Type: multipart/form-data;
boundary=---------------------------15927038533185754381311175691\r\nContent-Length: 1495\r\nOrigin:
http://wordpress.lan\r\nConnection: close\r\nReferer: http://wordpress.lan/booo/\r\nCookie:
pma_lang=en; pmaUser-1=%7B%22iv%22%3A%22VLxH2L1Qwx2txLmm2N5sNg%3D%3D%22%2C%22mac%22%3A%22ae8a9d82da3
1e64229bfb4260be3c931d713c4f4%22%2C%22payload%22%3A%221kIhH9%5C%2FKGsZddHLFGBnRLA%3D%3D%22%7D;
wordpress_test_cookie=WP%20Cookie%20check; tk_ai=woo%3AunKX5ep2q9Hjujqa4kMT1kMZ; wp_lang=en_GB;
pps_show_101=1; pps_actions_101=_JSON%3A%7B%22subscribe%22%3A1%7D; _ga=GA1.2.81168235.1650970769;
fusionredux_current_tab=8...