Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Get theVerify DNS interaction part working for my private Burp Collaborator

Robert | Last updated: May 13, 2020 07:40PM UTC

I have seen this question asked many times but none of the results worked for me and i have looked at your article for Deploying a private Burp Collaborator Server. So i have an ubuntu server on AWS. When i run --collaborator-server flag on the AWS machine all ports bind with no issues. When i run health check the only thing that fails is the Verify DNS interaction with "We communicated with the collaborator, and appeared to successfully record events, however when we attempted to retrieve the interaction records the expected records weren't present." I have my own domain with ionos.com for a personal website. I decided to make a subdomain and use the subdomain for burp collaborator. I created the following records: A *.burp.domain.com 3.18.xxx.xxx NS *.burp.domain.com ns1.burp.domain.com I noticed with or without the NS record i'm getting the same results from Burp Healthcheck. if i do nslookup for randomstring.burp.domain.com it resolves to my IP address. My burp collab.config file is as follows { "serverDomain" : "burp.domain.com", "workerThreads" : 10, "eventCapture": { "localAddress" : ["172.31.42.xxx", "127.0.0.1"], "publicAddress" : "3.18.xxx.xxx", "http": { "ports" : 80 }, "https": { "ports" : 443 }, "smtp": { "ports" : [25, 587] }, "smtps": { "ports" : 465 }, "ssl": { "certificateFiles" : [ "keys/privkey.pem", "keys/cert.pem", "keys/chain.pem" ] } }, "polling" : { "localAddress" : "172.31.42.xxx", "publicAddress" : "3.18.xxx.xxx", "http": { "port" : 9090 }, "https": { "port" : 9443 }, "ssl": { "certificateFiles" : [ "keys/privkey.pem", "keys/cert.pem", "keys/chain.pem" ] } }, "metrics": { "path" : "jnaicmez8", "addressWhitelist" : ["0.0.0.0/0"] }, "dns": { "interfaces" : [{ "name": "ns1.burp.comain.com", "localAddress" : "172.31.42.xxx", "publicAddress" : "3.18.xxx.xxx" }], "ports" : 53 }, "logLevel" : "INFO" }

Uthman, PortSwigger Agent | Last updated: May 14, 2020 09:03AM UTC

Hi Robert, Please try replacing your current A record with the below: A ns1.burp.domain.com 3.18.xxx.xxx Do you have a security group configured for your instance? Are the appropriate ports open?

Robert | Last updated: May 14, 2020 04:29PM UTC

Yes I have a security group configured and yes i opened up all the ports listed in the config file to be accessed by all IP ranges at the moment. I removed my A record i had (A *.burp.domain.com 3.18.xxx.xxx) and replaced it with the one you suggested (A ns1.burp.domain.com 3.18.xxx.xxx) then ran the bur health check and now i get: Server address resolution Warning Polling server address resolution Error The capture server hostname yacpyq3bqxq6fe5kqhd2xu415sb5po96d92.burp.domain.com could not be resolved to an IP address. Ensure that an appropriate DNS entry exists for the server. The polling server hostname polling.burp.domain.com could not be resolved to an IP address. Ensure that an appropriate DNS entry exists for the server.

Uthman, PortSwigger Agent | Last updated: May 15, 2020 07:38AM UTC

Apologies, can you try adding that A record back in on top of the existing one? Can you please email us with further information and screenshots? support@portswigger.net

Robert | Last updated: May 15, 2020 06:03PM UTC

ok done!

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.