Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Dastardly

zanche | Last updated: May 16, 2023 09:40AM UTC

HI, I would like to use dastardly to scan a website but internally we have a proxy to go out on the internet, how can I run dastardly and set the outgoing proxy for it? The command that I launch is: docker run --user $(id -u) --rm -v $(pwd):/dastardly -e DASTARDLY_TARGET_URL=https://ginandjuice.shop -e HTTP_PROXY=http://10.20.1.1:3128 -e HTTPS_PROXY=http://10.20.1.1:3128 -e DASTARDLY_OUTPUT_FILE=/dastardly/dastardly-report.xml public.ecr.aws/portswigger/dastardly:latest The error: Installing or running Dastardly affirms your agreement to the Terms of Service https://portswigger.net/burp/dastardly/eula 2023-05-16 09:36:17 INFO dastardly.StartDastardly - Using Java version 17.0.4 2023-05-16 09:36:20 INFO bsee.BurpProcess.scan.scan-1 - May 16, 2023 9:36:20 AM java.util.prefs.FileSystemPreferences$1 run 2023-05-16 09:36:20 INFO bsee.BurpProcess.scan.scan-1 - INFO: Created user preferences directory. 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - 2023-05-16 09:36:33: REST API running on http://localhost:45613/ 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - [Thread: 30] 2023-05-16 09:36:33.233 1015781533625606, net.portswigger.or INFO - connectedSocket, opened new socket: 1318700625 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - Exception report: 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - Category: FAILED_ASSERTION 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - Detail: 2023-05-16 09:36:33 ERROR bsee.BurpProcess.scan.scan-1 - java.lang.AssertionError: <<00005000>> 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at net.portswigger.yw.G(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at net.portswigger.yw.F(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at burp.kuf.u(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at burp.kuf.G(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at burp.ztw.D(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at burp.ztw.o(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at burp.gz1.lambda$checkForUpdates$0(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at java.base/java.util.concurrent.FutureTask.run(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at java.base/java.lang.Thread.run(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - -------------------------------------------------------------------------------- 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - Exception report: 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - Category: FAILED_ASSERTION 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - Detail: 2023-05-16 09:36:33 ERROR bsee.BurpProcess.scan.scan-1 - java.lang.AssertionError: <<00005000>> 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at net.portswigger.yw.G(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at net.portswigger.yw.F(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at burp.kuf.u(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at burp.kuf.G(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at burp.ztw.D(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at burp.ztw.o(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at burp.gz1.lambda$checkForUpdates$0(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at java.base/java.util.concurrent.FutureTask.run(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - at java.base/java.lang.Thread.run(Unknown Source) 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - -------------------------------------------------------------------------------- 2023-05-16 09:36:33 INFO bsee.BurpProcess.scan.scan-1 - 2023-05-16 09:36:35 INFO bsee.BurpProcess.scan.scan-1 - Debug ID: 523ddmzgrniryq5atjcz:3n10 2023-05-16 09:36:35 INFO bsee.BurpProcess.scan.scan-1 - Burp Version: 2022.12.4-17983 2023-05-16 09:36:35 INFO bsee.BurpProcess.scan.scan-1 - Product Name: Dastardly from Burp Suite 2023-05-16 09:36:38 INFO bsee.BurpProcess.scan.scan-1 - [Thread: 74] 2023-05-16 09:36:38.194 1015786494378735, net.portswigger.or INFO - connectedSocket, opened new socket: 690613952 2023-05-16 09:36:38 INFO bsee.BurpProcess.scan.scan-1 - Received metric CRAWLING 0 0 2023-05-16 09:36:38 INFO bsee.BurpProcess.scan.scan-1 - 2023-05-16 09:36:38: Crawl failed! Could not connect to any seed URLs. 2023-05-16 09:36:43 INFO bsee.BurpProcess.scan.scan-1 - Received metric FAILED 0 0 2023-05-16 09:36:43 INFO bsee.BurpProcess.scan.scan-1 - Scan finished exceptionally: 1 2023-05-16 09:36:43 INFO dastardly.ScanProgress - Scan has failed with error code: 1114 and error message: Could not connect to any seed URLs. 2023-05-16 09:36:43 INFO dastardly.EventLogPrinter - May 16 2023 09:36:36 INFORMATION Crawl started. 2023-05-16 09:36:43 INFO dastardly.EventLogPrinter - May 16 2023 09:36:38 INFORMATION Could not connect to any seed URLs. 2023-05-16 09:36:44 INFO bsee.BurpProcess.scan.scan-1 - Deleting temporary files - please wait ... done.

Thomas, PortSwigger Agent | Last updated: May 16, 2023 10:47AM UTC

Hi, Thank you for getting in contact for your Dastardly setup. Unfortunately, there is no configurable aspect of Dastardly relating to proxy services and it is not possible to use Dastardly in the way you are describing. The CI/CD build agent or node where Docker is running must be able to access the target application you want to scan as well as PortSwigger's public image repository (public.ecr.aws/portswigger/). For more information please refer to our documentation: https://portswigger.net/burp/documentation/dastardly

zanche | Last updated: May 16, 2023 01:01PM UTC