Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Jenkins plugin fail

Todd | Last updated: Jul 23, 2021 06:50PM UTC

Developer who manages Jenkins server for a CI pipeline reports: the Burp plugin installed successfully and offers the options they mention in the instruction but they are non-responsive for some reason, just nothing happens. I tried installing it twice and also completely restarted the Jenkins server but it is the same. There are no error messages related to this issue and nothing in the logs to indicate the source of the problem.

Todd | Last updated: Jul 23, 2021 06:55PM UTC

More details: For Burp Suite I installed burp-jenkins-integration-2021.3-49.hpi plugin (twice) and attempted to create a Build step in a Freestyle project. The options for the Burp scan are offered indicating the plugin installed successfully however nothing happens (no error, just non-responsive) when either option is chosen. I'm afraid I'm not sure what may be happening there. It could be our Jenkins environment is missing some kind of prerequisite component or something to that extent. I could not locate any similar reports online.

James, PortSwigger Agent | Last updated: Jul 26, 2021 08:15AM UTC

Hi Todd,

Thanks for getting in touch, A few things to check:

Which version of Burp Enterprise and Jenkins are you using? The plugin requires Java 9 or above so you would need to ensure Jenkins is using Java 11 for the plugin to work.

Did you add your Jenkins server URL into Settings > Network > Allowed Origins for GraphQL API on your Enterprise server? In the format https://your-jenkins-domain.com:8080

Are there any connection issues between your Enterprise and Jenkins server? Are they on the same network? If not, are the appropriate firewall rules in place? Does your Jenkins server need to communicate with a corporate proxy to reach the internet?

Boris | Last updated: Jul 26, 2021 06:21PM UTC

Hello, Thank you for the response! It appears the issue may indeed be related to the installed Java version. We will review the setup in Jenkins and follow up.

James, PortSwigger Agent | Last updated: Jul 27, 2021 07:55AM UTC

Hi Boris, Thanks for letting us know. Please get in touch if you need any further assistance. Have a good day.

Boris | Last updated: Aug 03, 2021 08:55PM UTC

Hello, Thank you again for your guidance. After upgrading Jenkins to use JDK 11 the Burp Suite plugin is now responsive and can be added as a build action however if we select the "Burp Site Driven Scan" and enter the URL along with the API key the option "The site to be scanned" remains locked and greyed out. We tried number of setting combinations and verified credentials and permissions but the select box remains locked and greyed out. There are no errors that we noticed anywhere. Please advise us what might be causing this.

James, PortSwigger Agent | Last updated: Aug 04, 2021 08:07AM UTC