Burp Suite User Forum

Login to post

Assistance With Private Collaborator Setup

Dan | Last updated: Oct 25, 2020 10:21PM UTC

Hello, I have been trying to set up a private collaborator server using a domain purchased at Amazon Route 53 that points to a Digital Ocean Droplet. I have changed the nameservers in Route 53 to point to DigitalOcean nameservers. After that I have been following this guide to setup the collaborator: https://blog.fabiopires.pt/running-your-instance-of-burp-collaborator-server/ I want to use a subdomain for the collaborator such as collaborator.*********.net. After following the guide and running the Collaborator Health check, I receive error : Polling server address resolution error - "The capture server hostname dj0z75mry5ee0uute20pvs64bvh8vrf9jc8.collaborator.*********.net could not be resolved to an IP address. Ensure that an appropriate DNS entry exists for the server." I believe the issue lies in my DNS set up. I am uncertain if I need to create the NS1 record for the subdomain on DigitalOcean or if I need to set it up on Amazon Route 53. Nameserver Setup on Route 53 for Base domain: ns1.digitalocean.com ns2.digitalocean.com ns3.digitalocean.com DigitalOcean Records: A ****.net directs to 201.81.**.** (Droplet VPS) TXT _acme-challenge.collaborator.*******.net ********vZj1vAe4NQuksjvu11uPo TXT _acme-challenge.collaborator.*******.net ********GNfqEUFLmwyHX5UPai3NslfANq16Mhgy0g NS collaborator.********.net points to ns1.collaborator.*******.net A ns1.collaborator.******.net directs to 201.81.**.** (Droplet VPS) Collaborator Config File: { "serverDomain" : "collaborator.***.net", "workerThreads" : 10, "eventCapture": { "localAddress" : [ "206.81.**.**" ], "publicAddress" : "206.81.**.**", "http": { "ports" : 3380 }, "https": { "ports" : 33443 }, "smtp": { "ports" : [3325, 33587] }, "smtps": { "ports" : 33465 }, "ssl": { "certificateFiles" : [ "/usr/local/collaborator/keys/privkey.pem", "/usr/local/collaborator/keys/cert.pem", "/usr/local/collaborator/keys/fullchain.pem" ] } }, "polling" : { "localAddress" : "206.81.**.**", "publicAddress" : "206.81.**.**", "http": { "port" : 39090 }, "https": { "port" : 39443 }, "ssl": { "certificateFiles" : [ "/usr/local/collaborator/keys/privkey.pem", "/usr/local/collaborator/keys/cert.pem", "/usr/local/collaborator/keys/fullchain.pem" ] } }, "metrics": { "path" : "jnaicmez8", "addressWhitelist" : ["0.0.0.0/1"] }, "dns": { "interfaces" : [{ "name":"ns1.collaborator.****.net", "localAddress":"206.81.**.**", "publicAddress":"206.81.**.**" }], "ports" : 3353 }, "logLevel" : "INFO" } I receive no errors when launching the service in VPS: 2020-10-25 22:19:12.596 : Using configuration file /usr/local/collaborator/collaborator.config 2020-10-25 22:19:12.862 : Listening for HTTP on 206.81.15.194:3380 2020-10-25 22:19:12.859 : Listening for HTTP on 206.81.15.194:39090 2020-10-25 22:19:12.859 : Listening for SMTP on 206.81.15.194:3325 2020-10-25 22:19:12.858 : Listening for SMTP on 206.81.15.194:33587 2020-10-25 22:19:12.883 : Listening for DNS on 206.81.15.194:3353 2020-10-25 22:19:13.074 : Listening for SMTPS on 206.81.15.194:33465 2020-10-25 22:19:13.075 : Listening for HTTPS on 206.81.15.194:33443 2020-10-25 22:19:13.076 : Listening for HTTPS on 206.81.15.194:39443 Ports have been forwarded using IPTables per the above guide. DiG 9.16.1-Ubuntu <<>> collaborator.******.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 53960 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;collaborator.*******.net. IN A What am I missing here?

Dan | Last updated: Oct 25, 2020 10:23PM UTC

I forgot to add my settings in burp for the collaborator: server location : collaborator.********.net polling location : collaborator.*******.net:9443

Michelle, PortSwigger Agent | Last updated: Oct 26, 2020 10:11AM UTC

Hi Thanks for letting us know, I'm glad that's sorted. If you do have any other questions though, please let us know

Dan | Last updated: Oct 27, 2020 02:49AM UTC

I apologize if my last comment was misleading. I have not been able to resolve the issue yet. I was just adding my burp collaborator settings incase they were needed as well.

Michelle, PortSwigger Agent | Last updated: Oct 27, 2020 02:07PM UTC

Sorry, I misunderstood that! What you’re aiming for with the DNS configuration is that any DNS requests for your collaborator domain (collaborator.****.net) are delegated to your private Collaborator server’s DNS (ns1.collaborator.****.net) You will also need to configure glue records to associate ns1.collaborator.****.net with the IP of your collaborator server 206.81.**.** This link might help to explain things in more detail: https://portswigger.net/burp/documentation/collaborator/deploying#dns-configuration If there are details you’d prefer to share with us directly rather than on the forum, feel free to email us using support@portswigger.net

Dan | Last updated: Oct 28, 2020 03:05AM UTC

Thank you very much for the reply. I did look over the document above and have set the NS records accordingly. I pointed the NS records to the public IP of my VPS. When I ran the health check for collaborator, every check came up as a warning in orange and then at the end, the polling server connection failed. If I am using the domain (not a subdomain) strictly for the collaborator, do I have to also have stand-alone A records for the domain, including a wildcard record that also point to the VPS or will the Glued NS records suffice ?

Michelle, PortSwigger Agent | Last updated: Oct 28, 2020 02:01PM UTC

So I can be sure I'm picturing your setup correctly and not missing any important details, would you be happy to share a screenshot of the health check results and more detail on the DNS records/configuration you've set up, please? You can contact us directly using support@portswigger.net

You need to Log in to post a reply. Or register here, for free.