Burp Suite User Forum

Login to post

burp collaborator

Bappe | Last updated: Dec 14, 2019 02:28PM UTC

When we perform automated or manual scan then , the collaborator payload that burp inject to target application then is it possible that target application hold the payload or delete that payload after closing the scan?

Ben, PortSwigger Agent | Last updated: Dec 16, 2019 09:50AM UTC

Hi, In general, any Collaborator-related payload that Burp sends to the target application might cause deferred interactions with the Collaborator server. This can happen in two main ways: Conventional storage and later processing of input, e.g. stored SQL injection. Immediate asynchronous processing, e.g. by a mail spooler. When Burp polls the Collaborator server to retrieve details of any interactions that were triggered by a given test, it will also receive details of any deferred interactions that have resulted from its earlier tests. Burp can then report the relevant issues to the user retrospectively. Please let us know if you require any further information.

You need to Log in to post a reply. Or register here, for free.