Burp community forum

Burp Enterprise and Professional scan results are not matching

Govind | Last updated: Jul 02, 2019 08:19AM UTC

Hello, I performed scanning of web application using Burp Professional and Burp Enterprise separately. Currently the application is not available for scan outside the client environment. Burp Professional Version: 1.7.37 Burp Enterprise version: 1.0.17beta Burp Professional scan option: Actively scan this host Burp Enterprise scan option: All the drop down scan options The scan summary of Enterprise shows 0 issues whereas the scan of Professional shows 2 High issues. Here I am not able to attach the scan results. Please let us know the reason for variance in scan results. We are running short of time as trial version is going to expire on July 7th. Thanks, Govind

Liam, PortSwigger Agent | Last updated: Jul 02, 2019 10:10AM UTC

Govind, are you running these scans from the same machine? Could you update to Burp Pro 2.1 and update to the latest version of Burp Enterprise. Let us know if you encounter the same differences in results. If so, check that the scan in Burp Enterprise crawled correctly? Make a note of the "Number of locations crawled" which is on the Dashboard in Burp 2. When you perform a scan using Burp Enterprise you can check the number of locations matches.

Burp User | Last updated: Jul 03, 2019 11:39AM UTC

Hello Liam, We cannot update the Burp Pro to 2.1 as this is being used by other teams as well. To verify consistency in scan between Enterprise and Professional version we are scanning : https://portswigger.net as suggested by Burp support team. When I am trying to scan this site on Enterprise I am getting this error: "Error starting scan on Burp: Unknown host:portswigger.net". Please suggest solution for this. Thanks, Govind

Liam, PortSwigger Agent | Last updated: Jul 03, 2019 01:45PM UTC

Govind, the error message suggests that the Agent is unable to connect to the target application. Are you able to connect to the target from the agent using a browser or Curl? Does you system satisfy the our networking requirements? Users and API clients need to access the web server on a port that you can select (by default, 8080). The Enterprise server needs to access portswigger.net on port 443, to carry out license activation and software updates. Note that this access is needed for ongoing usage of the software, not only during initial installation. You can configure a network proxy if this is needed to reach the public web. If you install agents on any external machines, these need to access the Enterprise server machine on port 8072. If you use the bundled database, then any external agent machines will need to access the Enterprise server machine on port 9092. If you use an external database, then the Enterprise server and any external agents will need to access the database service on the configured host and port. Agents will need to access the sites that are to be scanned (on ports 80, 443, etc. as required). To gain the full benefit of Burp Suite's out-of-band vulnerability detection technology, agents will need to access burpcollaborator.net on port 443. - https://portswigger.net/burp/documentation/enterprise/getting-started/system-requirements

Burp User | Last updated: Jul 04, 2019 12:39PM UTC

Hello Liam, Yes I am able to connect the Target application from the browser on the agent machine. Currently the Burp Enterprise evaluation version is installed on machine with Bundled Database and 1 agent on same machine. We have configured the Burp Enterprise Network setting and Community edition with same proxy. The Community edition 'Proxy Listeners' does not accept port: 8072 & 9092 with Running option as enabled. Tried with 443 but getting same error. Please suggest. Thanks, Govind

Rose, PortSwigger Agent | Last updated: Jul 04, 2019 12:53PM UTC

I'm wondering whether you have a problem with your Burp Community edition that is set up to enable authentication for your proxy. Can you make sure the following is correct: - Configure Burp Desktop so it is listening on localhost:8081 and has an upstream proxy (User options > Connection) set to match your corporate proxy. You can provide authentication here. - Then in Burp enterprise, configure the network proxy to be your Burp Desktop instance on localhost:8081 - Remember that you will need to ensure that intercept is turned off in the Proxy, as per the screenshot we sent in a previous case. If you are still having issues, please can you replicate the issue then send us the latest log files to support@portswigger.net. By default these are in C:\ProgramData\BurpSuiteEnterpriseEdition on Windows and /var/log/BurpSuiteEnterpriseEdition/ on Linux.

Burp User | Last updated: Jul 08, 2019 07:03AM UTC

Hello Rose, I mailed you all the required details, please go through it and let me know any changes need to be done. Thanks, Govind

You need to Log in to post a reply. Or register here, for free.