Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

create embedded browser from docker

Prateek | Last updated: May 25, 2020 10:54PM UTC

Hi Team, I have below working crawl configuration to scan an authenticated application from BURP UI, where as if I'm trying to scan the same application using docker i'm seeing below error message in scan status from burp native API's. Also I have below option enabled under user options in both UI and docker, i'm a non-root user. User options - "enable_embedded_browser_sandbox":false BURP pro version - 2020.4.1 Crawl config - { "crawler":{ "customization":{ "allow_out_of_scope_resources":true, "allow_running_without_browser_sandbox":true, "browser_based_navigation_mode":"yes", "customize_user_agent":false, "maximum_items_from_sitemap":1000, "maximum_speculative_links":1000, "request_robots_txt":true, "request_sitemap":true, "request_speculative":true, "submit_forms":true, "timeout_for_in_progress_resource_requests":10, "user_agent":"" } } } Error message when executed scan using docker from native BURP api - "crawl_and_audit_caption": "Paused due to error: Crawl was configured to use embedded browser, but a browser could not be started", I installed chromium-chromedrive in docker and copied chromedriver-linux64 to docker. Could you please let me know the options to start embedded browser from docker.

Michelle, PortSwigger Agent | Last updated: May 26, 2020 07:43AM UTC

When performing a crawl and audit the embedded browser is turned on or off in the Crawl configuration settings under Miscellaneous -> Embedded Browser Options. Can you please confirm the specifications of the machine you are using (CPU/RAM)?

Prateek | Last updated: May 27, 2020 05:32AM UTC

Below is my crawl scan configuration and working fine from BURP UI, but when executing the same from docker i'm seeing error ""crawl_and_audit_caption": "Paused due to error: Crawl was configured to use embedded browser, but a browser could not be started". Crawl scan config - { "crawler":{ "customization":{ "allow_out_of_scope_resources":true, "allow_running_without_browser_sandbox":true, "browser_based_navigation_mode":"yes", "customize_user_agent":false, "maximum_items_from_sitemap":1000, "maximum_speculative_links":1000, "request_robots_txt":true, "request_sitemap":true, "request_speculative":true, "submit_forms":true, "timeout_for_in_progress_resource_requests":10, "user_agent":"" } } } user_options file "enable_embedded_browser_sandbox":true We are running with below options, even then we are not able to proceed further with scanning the application. chmod 4755 ~/.BurpSuite/burpbrowser Machine details - 4CPU/16GB RAM

Prateek | Last updated: May 27, 2020 05:36AM UTC

Could you also let us know the options on how to check embedded browser health check and enable verbose logging on BURP. We tried using --diagnostics but it was not logging any debug logs. Are there any plugins available to check health check and BURP debug level logs.

Michelle, PortSwigger Agent | Last updated: May 27, 2020 12:53PM UTC

You can run a health check on the embedded browser by going to the Help menu and choosing ‘Embedded Browser health check’. Do you see the same issues if you test running the scan from the UI, are there any errors in the event log on the Dashboard? More detailed bugs of crawl issues can be found by enabling logging in the crawl configuration under Crawl Optimization -> Click the cog next to Crawl Strategy to access Crawl strategy tuning -> Enable logging. You can specify a file where the logs can be saved and then email a copy of the file to support@portswigger.net so we can review it.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.