Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Crawl/Audit detailed scope configuration does not persist when selected from library

John | Last updated: Jul 19, 2019 05:06PM UTC

When performing a Crawl+Audit or Crawl, Scan details > Detailed scope configuration > Included URL prefixes, changes are saved if typed manually but not if populated by "Select from library". The url list appears correctly in the text box when selected from library, but when you click OK and perform the crawl/audit it ignores those values. Dashboard > Tasks > Settings (gear icon) on the task confirms that the new list of urls never makes it into the task's included url prefixes. Steps to reproduce: 1) Right-click an entry url and click Scan 2) Scan details > Detailed scope configuration > Included URL prefixes currently includes the parent directory of the entry entry url. Add an additional url manually, then save to library. 3) Click OK to run the scan and observe that it honors the additional url. 4) Repeat 1-3, but this time Select from library and note your additional url appears in the text box, but does not appear in the resulting task's configuration.

Burp User | Last updated: Jul 19, 2019 05:11PM UTC

Version: Burp Suite Professional v2.1.01 for MacOS

Burp User | Last updated: Jul 19, 2019 05:22PM UTC

Workaround: 1) Select from library to populate urls 2) Select all, cut urls so the textbox is empty 3) Click Excluded URL prefixes tab 4) Click Included URL prefixes tab 5) Paste urls back into textbox The changes appear to be saved to the task at this point

Rose, PortSwigger Agent | Last updated: Jul 23, 2019 07:39AM UTC

John, sorry for the delayed response. Thanks for providing the steps to reproduce and the workaround. We'll try and recreate the issue and make a story for this.

Rose, PortSwigger Agent | Last updated: Jul 23, 2019 01:26PM UTC