Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Assistance With Private Collaborator Setup

Dan | Last updated: Oct 25, 2020 10:21PM UTC

Hello, I have been trying to set up a private collaborator server using a domain purchased at Amazon Route 53 that points to a Digital Ocean Droplet. I have changed the nameservers in Route 53 to point to DigitalOcean nameservers. After that I have been following this guide to setup the collaborator: https://blog.fabiopires.pt/running-your-instance-of-burp-collaborator-server/ I want to use a subdomain for the collaborator such as collaborator.*********.net. After following the guide and running the Collaborator Health check, I receive error : Polling server address resolution error - "The capture server hostname dj0z75mry5ee0uute20pvs64bvh8vrf9jc8.collaborator.*********.net could not be resolved to an IP address. Ensure that an appropriate DNS entry exists for the server." I believe the issue lies in my DNS set up. I am uncertain if I need to create the NS1 record for the subdomain on DigitalOcean or if I need to set it up on Amazon Route 53. Nameserver Setup on Route 53 for Base domain: ns1.digitalocean.com ns2.digitalocean.com ns3.digitalocean.com DigitalOcean Records: A ****.net directs to 201.81.**.** (Droplet VPS) TXT _acme-challenge.collaborator.*******.net ********vZj1vAe4NQuksjvu11uPo TXT _acme-challenge.collaborator.*******.net ********GNfqEUFLmwyHX5UPai3NslfANq16Mhgy0g NS collaborator.********.net points to ns1.collaborator.*******.net A ns1.collaborator.******.net directs to 201.81.**.** (Droplet VPS) Collaborator Config File: { "serverDomain" : "collaborator.***.net", "workerThreads" : 10, "eventCapture": { "localAddress" : [ "206.81.**.**" ], "publicAddress" : "206.81.**.**", "http": { "ports" : 3380 }, "https": { "ports" : 33443 }, "smtp": { "ports" : [3325, 33587] }, "smtps": { "ports" : 33465 }, "ssl": { "certificateFiles" : [ "/usr/local/collaborator/keys/privkey.pem", "/usr/local/collaborator/keys/cert.pem", "/usr/local/collaborator/keys/fullchain.pem" ] } }, "polling" : { "localAddress" : "206.81.**.**", "publicAddress" : "206.81.**.**", "http": { "port" : 39090 }, "https": { "port" : 39443 }, "ssl": { "certificateFiles" : [ "/usr/local/collaborator/keys/privkey.pem", "/usr/local/collaborator/keys/cert.pem", "/usr/local/collaborator/keys/fullchain.pem" ] } }, "metrics": { "path" : "jnaicmez8", "addressWhitelist" : ["0.0.0.0/1"] }, "dns": { "interfaces" : [{ "name":"ns1.collaborator.****.net", "localAddress":"206.81.**.**", "publicAddress":"206.81.**.**" }], "ports" : 3353 }, "logLevel" : "INFO" } I receive no errors when launching the service in VPS: 2020-10-25 22:19:12.596 : Using configuration file /usr/local/collaborator/collaborator.config 2020-10-25 22:19:12.862 : Listening for HTTP on 206.81.15.194:3380 2020-10-25 22:19:12.859 : Listening for HTTP on 206.81.15.194:39090 2020-10-25 22:19:12.859 : Listening for SMTP on 206.81.15.194:3325 2020-10-25 22:19:12.858 : Listening for SMTP on 206.81.15.194:33587 2020-10-25 22:19:12.883 : Listening for DNS on 206.81.15.194:3353 2020-10-25 22:19:13.074 : Listening for SMTPS on 206.81.15.194:33465 2020-10-25 22:19:13.075 : Listening for HTTPS on 206.81.15.194:33443 2020-10-25 22:19:13.076 : Listening for HTTPS on 206.81.15.194:39443 Ports have been forwarded using IPTables per the above guide. DiG 9.16.1-Ubuntu <<>> collaborator.******.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 53960 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;collaborator.*******.net. IN A What am I missing here?

Dan | Last updated: Oct 25, 2020 10:23PM UTC

I forgot to add my settings in burp for the collaborator: server location : collaborator.********.net polling location : collaborator.*******.net:9443

Michelle, PortSwigger Agent | Last updated: Oct 26, 2020 10:11AM UTC

Hi Thanks for letting us know, I'm glad that's sorted. If you do have any other questions though, please let us know

Dan | Last updated: Oct 27, 2020 02:49AM UTC

I apologize if my last comment was misleading. I have not been able to resolve the issue yet. I was just adding my burp collaborator settings incase they were needed as well.

Michelle, PortSwigger Agent | Last updated: Oct 27, 2020 02:07PM UTC

Sorry, I misunderstood that! What you’re aiming for with the DNS configuration is that any DNS requests for your collaborator domain (collaborator.****.net) are delegated to your private Collaborator server’s DNS (ns1.collaborator.****.net) You will also need to configure glue records to associate ns1.collaborator.****.net with the IP of your collaborator server 206.81.**.** This link might help to explain things in more detail: https://portswigger.net/burp/documentation/collaborator/deploying#dns-configuration If there are details you’d prefer to share with us directly rather than on the forum, feel free to email us using support@portswigger.net

Dan | Last updated: Oct 28, 2020 03:05AM UTC

Thank you very much for the reply. I did look over the document above and have set the NS records accordingly. I pointed the NS records to the public IP of my VPS. When I ran the health check for collaborator, every check came up as a warning in orange and then at the end, the polling server connection failed. If I am using the domain (not a subdomain) strictly for the collaborator, do I have to also have stand-alone A records for the domain, including a wildcard record that also point to the VPS or will the Glued NS records suffice ?

Michelle, PortSwigger Agent | Last updated: Oct 28, 2020 02:01PM UTC