Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burp collaborator issue when using upstream proxy

Maurizio | Last updated: May 14, 2018 01:16PM UTC

Dear Sir, I saw that the burp collaborator support upstream proxy during the healt check, in my current setup the health check is fully green. Using our collaborator server. But the in the alert window I continue to get "The Burp Collaborator server used by the Burp Collaborator client is not reachable, change the settings to use this feature." It's possible that the health check and the standard collaborator use some different options to setup the connection? Maurizio

Burp User | Last updated: May 14, 2018 01:44PM UTC

More details: my current upstream proxy config is: collaborator.acme.com -> no proxy *.collaborator.acme.com -> no proxy * -> with upstream proxy During the health checks it use no proxy configuration and the collaborator is reached. During the normal running of burp it use the last upstream proxy setting ignoring the previous lines. Maurizio

PortSwigger Agent | Last updated: May 15, 2018 09:43AM UTC

Hi Maurizio, Thanks for your message. Are you using any extensions that make use of Collaborator? You may need to restart the extension after the proxy settings are changed. Just to be clear, you're using no proxy for Collaborator, and a proxy for everything else. This seems a slightly unusual setup - is there a particular reason for it? If it's possible to configure your proxy to allow access to Collaborator, that may be a quic way to get you working.

Burp User | Last updated: May 15, 2018 02:41PM UTC

Hi Paul, I found the problem... The https://github.com/PortSwigger/handy-collaborator plugin get the collaborator setting only at loading time and doesn't not update the burp server if the user change the project option. In this way the handy collaborator was requesting the standard burpcollaborator.net that is not reachable from there. I know that it was a strange setup, but we was testing something on an internal network with routing on the collaborator on a second network interface used only to reach the collaborator. It is possible that also collaborator-everywhere is affected from the same problem (not tested), I will take a look into it. There is a callback or something that can allow to the extension to identify changes in the configuration? I will ask to the developer a fix in the next days. Thank you in advance. Maurizio

PortSwigger Agent | Last updated: May 15, 2018 02:44PM UTC

Hi Agazzini, Thanks for following up. One thing you could do yourself is store your Collaborator config in a configuration file that you load at startup - before Handy Collaborator starts. The Handy Collaborator extension could work around this too. There isn't a callback that notifies a change in the config, so it would be a bit messy. We are looking at the feasibility of fixing this is core Burp, but there are some difficult cornet-cases, and given this is a fairly rare issue, it won't be implemented for some time. Please let us know if you need any further assistance.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.