search

nccgroup / LoggerPlusPlus

Advanced Burp Suite Logging Extension
GNU Affero General Public License v3.0
630 stars 157 forks source link

v3.20.0 - Bug: Elastic exporter not starting due to java.lang.NoClassDefFoundError #194

Closed dominee closed 1 year ago

dominee commented 1 year ago

Description:

Elastic Exporter does not start. The button remains blue, labeled "Starting Elastic Explorer" while burpsuite throws the following exception:

java.util.concurrent.ExecutionException: java.lang.NoClassDefFoundError: com/fasterxml/jackson/databind/ObjectMapper
    at java.base/java.util.concurrent.FutureTask.report(FutureTask.java:122)
    at java.base/java.util.concurrent.FutureTask.get(FutureTask.java:191)
    at java.desktop/javax.swing.SwingWorker.get(SwingWorker.java:613)
    at com.nccgroup.loggerplusplus.exports.ElasticExporterControlPanel$2$1.done(ElasticExporterControlPanel.java:75)
    at java.desktop/javax.swing.SwingWorker$5.run(SwingWorker.java:750)
    at java.desktop/javax.swing.SwingWorker$DoSubmitAccumulativeRunnable.run(SwingWorker.java:848)
    at java.desktop/sun.swing.AccumulativeRunnable.run(AccumulativeRunnable.java:112)
    at java.desktop/javax.swing.SwingWorker$DoSubmitAccumulativeRunnable.actionPerformed(SwingWorker.java:858)
    at java.desktop/javax.swing.Timer.fireActionPerformed(Timer.java:311)
    at java.desktop/javax.swing.Timer$DoPostEvent.run(Timer.java:243)
    at java.desktop/java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:318)
    at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:773)
    at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:720)
    at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:714)
    at java.base/java.security.AccessController.doPrivileged(AccessController.java:400)
    at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:87)
    at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:742)
    at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203)
    at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124)
    at java.desktop/java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:113)
    at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:109)
    at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
    at java.desktop/java.awt.EventDispatchThread.run(EventDispatchThread.java:90)
Caused by: java.lang.NoClassDefFoundError: com/fasterxml/jackson/databind/ObjectMapper
    at co.elastic.clients.json.jackson.JacksonJsonpMapper.<init>(JacksonJsonpMapper.java:56)
    at com.nccgroup.loggerplusplus.exports.ElasticExporter.setup(ElasticExporter.java:143)
    at com.nccgroup.loggerplusplus.exports.ExportController.enableExporter(ExportController.java:42)
    at com.nccgroup.loggerplusplus.exports.ElasticExporterControlPanel.enableExporter(ElasticExporterControlPanel.java:111)
    at com.nccgroup.loggerplusplus.exports.ElasticExporterControlPanel$2$1.doInBackground(ElasticExporterControlPanel.java:56)
    at com.nccgroup.loggerplusplus.exports.ElasticExporterControlPanel$2$1.doInBackground(ElasticExporterControlPanel.java:48)
    at java.desktop/javax.swing.SwingWorker$1.call(SwingWorker.java:304)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317)
    at java.desktop/javax.swing.SwingWorker.run(SwingWorker.java:343)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
    at java.base/java.lang.Thread.run(Thread.java:1623)
Caused by: java.lang.ClassNotFoundException: com.fasterxml.jackson.databind.ObjectMapper
    ... 12 more

Providing libraries via burp extension configuration or launch options had no effect.

java -cp jackson-core-2.15.3.jar -cp jackson-databind-2.15.3.jar -cp elasticsearch-java-8.10.3.jar -jar burpsuite_pro_v2023.10.2.2.jar

Steps To Reproduce:

  1. Configure Elastic Exporter
  2. Click "Start Elastic Exporter"

Expected behavior:

Elastic exporter starts and exports the logs.

Version:

Logger++: 3.20.0 Elastic : 7.5.0 (as stated in issues/157 ) BurpSuite: v2023.10.2.2 (and v2023.10.1.x) OS: macOS Ventura 13.5.1 (22G90) JDK: openjdk version "20" 2023-03-21

The issue was observed on MacOS Ventura 13.5.1 (22G90) using Homebrew Openjdk, but is present in the bundled version as well. Also confirmed to be not working on other MacOS installations/devices.

openjdk version "20" 2023-03-21
OpenJDK Runtime Environment Homebrew (build 20)
OpenJDK 64-Bit Server VM Homebrew (build 20, mixed mode, sharing)

Thank you in advance for your help.

CoreyD97 commented 1 year ago

Thanks for the report, looking into this now

CoreyD97 commented 1 year ago

Unfortunately, the Elastic API doesn't have any backwards compatibility so when #157 is merged into master Elastic 7.x will be unsupported. I'll close this issue for this reason and use #157 to track the reintegration of Elastic exports.