Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burpsuite Collaborator Not Working (Using Public PortSwigger Server)

Cameron | Last updated: Jan 06, 2022 05:40PM UTC

Hello everyone. I hope I am posting this in the correct channel. My question is regarding the Burpsuite Collaborator. My collaborator cannot connect to the Portswigger server and therefore does not work properly. Does anyone know of any configurations you need to do in order to make it work? I have contacted PortSwigger, they suspect it is a ISP issue. Just looking for more information because I do not know what to do and my collaborator is dead in the water. For installation of Burpsuite Pro: Download the Burp Pro .Jar file from my account page chmod +x .Jar file cd /usr/bin mv burpsuite burpsuite_old mv burpsuite.jar to /usr/bin as burpsuite (Basically removing the community version and replacing the pro version within /usr/bin) I discovered my issue when doing the PortSwigger labs. Following along with the solutions, I added the Collaborator address and clicked "Poll Now" only to have nothing happen. This led me to research and discover the "Health Check" feature. When I use the feature I get the following results: Server Address Resolution: Success Server HTTP Connection: Warning Server HTTPS Connection (trust enforced): Warning Server HTTPS Connection (trust not enforced): Warning Server SMTP Connection on port 25: Warning Server SMTP Connection on port 587: Warning Server SMTPS Connection (trust enforced): Warning Server SMTPS Connection (trust not enforced): Warning Polling Server address resolution: Success Polling Server Connection: Error "No connections to <Burp_collaborator_server.net> could be opened. The collaborator may still work, as long as the server under test can connect to this port. No connections to the polling server at polling.burpcollaborator.net could be opened. This collaborator will not work in this configuration."

Ben, PortSwigger Agent | Last updated: Jan 07, 2022 12:06PM UTC

Hi Cameron, Your Burp installation will be trying to access the public Burp Collaborator server in order to determine the presence of certain types of vulnerabilities. The health check is essentially double checking that connections can be successfully made to the various services that the public Collaborator uses. In your situation, it would appear that Burp is having issues making these connections. Would you happen to be using Burp in an environment that has restrictions on the outbound connectivity (a corporate environment, for example)?

Philip | Last updated: Mar 17, 2022 08:38PM UTC

I am having the same issue. I just upgraded my old Burp Suite to the new v2022.2.4 and tried to run a scan. I keep getting "Burb Collaborator server used by the Burp Collaborator client is not reachable, change the setting ..." I am using the default Burp Collaborator and it was working in my old version. What changed? Can somebody help me resolve this.

Ben, PortSwigger Agent | Last updated: Mar 18, 2022 10:03AM UTC

Hi Philip, If you run the Burp Collaborator health check via Project options -> Misc -> Burp Collaborator Server -> Run health check, what results do you see? At this precise moment, all of our tests are passing and the public Burp Collaborator appears to be working as expected. Has nothing else changed within your environment in the interim? Do you have the ability to install/run the previous version of Burp that did not have this connectivity issue (you can obtain any of our previous releases from our release page here - https://portswigger.net/burp/releases#professional) - it would be interesting to know whether you still see the same difference in behaviour between the two versions.

David | Last updated: Mar 18, 2022 07:37PM UTC

I am having the same issue. I have tried enabling "Poll over unencrypted http" and I still get the results below. I tried access the page from multiple browsers as well, no good. I have tried disabling my firewall and antivirus as well as adding the page to my trusted sites. I also tried using curl and get connection refused. Any help would be greatly appreciate. Initiating health check Server address resolution Success Server HTTP connection Warning Server HTTPS connection (trust enforced) Warning Server HTTPS connection (trust not enforced) Warning Server SMTP connection on port 25 Warning Server SMTP connection on port 587 Warning Server SMTPS connection (trust enforced) Warning Server SMTPS connection (trust not enforced) Warning Polling server address resolution Success Polling server connection Error

Philip | Last updated: Mar 20, 2022 06:43AM UTC

This is what I get when I run the Burb Collaborator Health Check: Initiating health check Server address resolution Success Server HTTP connection Warning Server HTTPS connection (trust enforced) Warning Server HTTPS connection (trust not enforced) Warning Server SMTP connection on port 25 Warning Server SMTP connection on port 587 Warning Server SMTPS connection (trust enforced) Warning Server SMTPS connection (trust not enforced) Warning Polling server address resolution Success Polling server connection Error I also enabled "Poll over unencrypted HTTP" and I am still getting the same messages shown above when I run the health check.

Philip | Last updated: Mar 20, 2022 06:44AM UTC

This dis not happen in my old version of Burp. It was after I upgraded to the latest version that all this started.

Ben, PortSwigger Agent | Last updated: Mar 21, 2022 08:46AM UTC

Hi David, Are you sure you have connectivity to the various services that the public Collaborator is using? Can you browse to http://burpcollaborator.net/ in your browser? If you open the Burp Collaborator client, click the 'Copy to clipboard' button and then paste the resulting payload into a browser are you a) able to get a response and b) if you click the 'Poll now' button in the client, do you see any interactions listed?

Ben, PortSwigger Agent | Last updated: Mar 21, 2022 08:48AM UTC

Hi Philip, Just to clarify, you have now tried this using the old version and you are seeing different results to when you use the latest version of Burp or do you mean that you previously did not have any issues (as noted, it would be interesting to know if the older version still works as of now)? Are you also able to perform the tests that I have detailed above for David and let me know whether you can perform any of them?

Philip | Last updated: Mar 22, 2022 07:43AM UTC

The old version was working fine. I do not have the old version anymore because I uninstalled it during the install of the new version. All I have now is the new version and I am getting this Collaborator server error. I went to both Chrome and Edge browsers and entered http://burpcollaborator.net and I get the following: "This site can’t be reachedburpcollaborator.net refused to connect. Try: Checking the connection Checking the proxy and the firewall ERR_CONNECTION_REFUSED" I have tried 3 different machines and I get the same thing. I went to the command line and pinged burpcollaborator.net and the that it returns is 127.0.0.54.

Ben, PortSwigger Agent | Last updated: Mar 22, 2022 11:55AM UTC

Hi Philip, Can you do the following for us. If you perform an NSLookup for burpcollaborator.net on the command line of your machine, what results do you receive back? If you then use the following site, to use Google's public DNS service, and perform the same check with burpcollaborator.net: https://dns.google/ Are the IP addresses returned by both methods the same or are they different?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.