[bug] When using Burp Proxy, the status code is misinterpreted

p0dalirius / ApacheTomcatScanner

A python script to scan for Apache Tomcat server vulnerabilities.

https://podalirius.net/

GNU General Public License v3.0

783 stars 93 forks source link

Closed p0dalirius closed 2 years ago

p0dalirius commented 2 years ago

When using Burp Proxy, Burp sends an HTTP page with status code 200 to say "Error connecting to target". Leading to tons of false positives:

If I had to explain this issue in a meme: