Burp Suite User Forum

How to scan all urls of a webpage from command line.

Anjani | Last updated: May 31, 2018 09:53AM UTC

Hi Team, I have used carbonate to san url from the command line where i can pass one url at a time and it scans the url and gives me the HTML report. Can i scan all the urls of a webpage from command line at a time. Please help. Thanks and Regards, Anjani.

PortSwigger Agent | Last updated: May 31, 2018 10:03AM UTC

Hi Anjani, Thanks for your message. When you give Carbonator a URL, it will do a Spider to discover all the URLs on that site, then scan all of them. What I recommend you do is run Burp and Carbonator, but NOT in headless mode. When Carbonator is finished, you can look in the Burp UI - especially Site Map and Scan Queue - to see what it has done.

Burp User | Last updated: May 31, 2018 11:14AM UTC

Hi Paul, Thanks for your reply. It was a great help. I tried without headless and observed result. It scanned the file which i have mentioned below in the command line. I am using this command in my simple command prompt : java -jar -Xmx2g -Djava.awt.headless=true "D:\URLs\Security Testing\burpsuite_pro_1.7.33.jar" --config-file="D:\URLs\Security Testing\t.json" http localhost 8088 /WebApplication1/web/login.jsp /folder I am not sure how the carbonator is being in this. Will carbonator be called automatically internally if it is present in the Extender list. If i have a folder where i have multiple .jso files and i want to scan all of them in one go then how to do that. Please help. Thanks and Regards, Anjani.

PortSwigger Agent | Last updated: May 31, 2018 11:16AM UTC

Hi Anjani, Thanks for following up. Carbonator is invoked automatically when you start Burp, and if it sees command line arguments it will start a scan. Instead of telling Carbonator a page, you're better giving it a prefix, like /WebApplication1/web/ It should then find everything under the prefix and scan it all. We're aware that Carbonator is quite limited. We're working on improvements to Burp that will implement similar - but much improved - functionality within core Burp. Please let us know if you need any further assistance.

Burp User | Last updated: May 31, 2018 01:37PM UTC

Hi Paul, Thanks for your reply. I tried the below command : java -jar -Xmx2g -Djava.awt.headless=true "D:\URLs\Security Testing\burpsuite_pro_1.7.33.jar" --config-file="D:\URLs\Security Testing\t.json" http localhost 8088 /WebApplication1/web/ /folder even tried : java -jar -Xmx2g -Djava.awt.headless=true "D:\URLs\Security Testing\burpsuite_pro_1.7.33.jar" --config-file="D:\URLs\Security Testing\t.json" http localhost 8088 /WebApplication1/web/ It is not scanning any file. I have 2 .jsp files in the path /WebApplication1/web/ Please help. Thanks and Regards, Anjani.

PortSwigger Agent | Last updated: May 31, 2018 01:42PM UTC

Hi Anjani, Ok, I think you are hitting the limits of Carbonator here. The only way would be to invoke Carbonator multiple times from a batch file or shell script. You could try Headless Burp. This is similar to Carbonator but works a little differently: - https://github.com/NetsOSS/headless-burp Failing that, you'll either have to code your own extension, or wait for this functionality to be part of core Burp.

You need to Log in to post a reply. Or register here, for free.