Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Java Error Occured during Pentesting on .jsp webpage

Cybernewbie | Last updated: May 29, 2018 07:34AM UTC

I have been prompted with the below java error on doing the Security testing with help of burp suite scanner to test for vulnerabilities . I would like to inform that response code of response is 400, 404 etc and session is available even after severe testing . I would like to know on how to pertained with issue in this case on client side or server side end. Please clarify me the doubts in this case? "java.net.SocketException: Software caused connection abort: recv failed" and " java.net.SocketException: Software connection reset" in Burp tool alert How can go ahead on resolving this issue?

PortSwigger Agent | Last updated: May 29, 2018 07:42AM UTC

This error is a symptom of overload, either on the server, or your workstation. A good way to check if the server is overloaded is to try accessing the application from another computer. In general, what you need to do is reduce the intensity of the scan. In Scanner > Options > Active Scanning Engine. There is an option for "Concurrent request limit" Try reducing this somewhat. The default is 10; if you've previously increased it, try going back to 10. Otherwise, try reducing it to 5. There is a similar setting in Spider > Options > Spider Engine. If you're still having difficulty, it would be helpful to know a bit more about the client and server OS and other software.

Burp User | Last updated: May 30, 2018 09:34AM UTC

Hi Paul Thanks for your help. I even tried it with less “Concurrent request limit” Try reducing it to 1 or 2 . Even after that it is prompted with an issue amd same with spider . I'm having issue while doing an automated scan with .JSP webpages resulted in frequent failure in Alert tabs & 404,400 in logger++. Also attempted with latest java install. It seems that client OS is windows 7 & server OS is 2008R2. Let me know , if you can able to provide an solution . I also an another link it indicates due to database error : https://javarevisited.blogspot.in/2016/01/javanetsocketexception-software-caused-connection-abort-recv-failed.html Let me know , how this can be related in this case.

PortSwigger Agent | Last updated: May 31, 2018 08:02AM UTC