Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Burp Collaborator Problem

Amir | Last updated: Sep 12, 2024 11:48AM UTC

I have installed burpsuite and the cerification tested it and all works fine, I can intercept the HTTP&HTTPS requests, but the collaborator doesn't works. I have tried to made a normal get request from the browser to the collaborator server https://4y3jxxxxxxxxxxs4xf3qrhx8l39s.oastify.com or http://4y3jxxxxxxxxxxs4xf3qrhx8l39s.oastify.com nothing happens and I didn't received any requests. I tried to run Collaborator Server health check and got the following: Initiating health check Server address resolution Success Server HTTP connection Success Server HTTPS connection (trust enforced) Warning Server HTTPS connection (trust not enforced) Success Server SMTP connection on port 25 Success Server SMTP connection on port 587 Success Server SMTPS connection (trust enforced) Success Server SMTPS connection (trust not enforced) Success Polling server address resolution Success Polling server connection Error A TLS error occurred when connecting to the capture server https://659f85539wn7b09a5jkqe7hw8ne0sjc1g45.oastify.com, but connecting did work if the certificate was not validated. This configuration will work if the server under test does not validate certificates, or has the capture server certificate installed. No connections to the polling server at polling.oastify.com could be opened. The collaborator will not work in this configuration. If you are using a self signed certificate on the collaborator, then the 'Poll over unencrypted HTTP' checkbox MUST be selected.

Michelle, PortSwigger Agent | Last updated: Sep 12, 2024 01:19PM UTC

Hi Can you tell us a bit more about your setup, please? - Which version of Burp are you using? Is it configured to use an upstream proxy server? - Are you able to connect to https://polling.oastify.com from a browser that is not proxied via Burp? (You should get a HTTP 400 response form the server) - Are you able to connect to https://polling.oastify.com from Burp's embedded browser? If so, what do you see under Settings > Network > TLS > Server TLS certificates as the Issuer? If it's easier to send a screenshot of this information, please send it to support@portswigger.net

Amir | Last updated: Sep 16, 2024 01:30PM UTC

1- I use burp V2024.7.5, using the default collaborator server. 2- I'm trying to brows to https://polling.oastify.com from the browser that is not proxied and getting HTTP 400 response from the server as expected. 3- can't connect to https://polling.oastify.com from Burp's embedded browser. 4- I see a lot of certificates one of them related to *.burpcollaborator.net

Dominyque, PortSwigger Agent | Last updated: Sep 17, 2024 12:25PM UTC