Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Port 25 needed for new SMTP Checks on Private Collaborator Server?

John | Last updated: Nov 18, 2016 05:10PM UTC

Hi, Does port 25 need to be opened in the firewall for the new SMTP checks to work on our private Collaborator Server and is there an option to set the listening port? aka "smtp": { "port" : 8025 } Thanks

PortSwigger Agent | Last updated: Nov 21, 2016 10:29AM UTC

We've now updated the Collaborator server documentation to reflect some recent changes. Details are here: https://portswigger.net/burp/help/collaborator_deploying.html Note that existing configuration files will continue working as before with the updated version of the software. The changes that have been made to the configuration file are: - New sections for SMTP and SMTPS services. - Services can be configured to start on multiple ports - for example, the SMTP service by default runs on ports 25 and 587. - SSL configuration has moved from the HTTPS section into a new SSL section that is used to configure SSL options for all services that need it. To make full use of the Collaborator, you will need to allow incoming traffic through your firewall on the following ports: DNS: UDP port 53 HTTP: TCP port 80 HTTP: TCP port 443 SMTP: TCP ports 25 and 587 SMTPS: TCP port 465

Burp User | Last updated: Nov 21, 2016 11:17AM UTC

I've experimented with the configuration file and determined that it does it indeed support custom ports in a similar fashion: "smtp": { "port": 2525 }, "smtps": { "port": 4465, "certificateFiles" : [...] } However, when using this configuration both ports for SMTP are not started up correctly, rather only one port is started up correctly. 2016-11-21 06:08:05.663 : Listening for DNS on <ip>:5353 2016-11-21 06:08:05.667 : Listening for HTTP on <ip>:8080 2016-11-21 06:08:05.678 : Listening for SMTP on <ip>:2525 2016-11-21 06:08:05.688 : Listening for HTTP on <ip>:9090 2016-11-21 06:08:05.992 : Listening for SMTPS on <ip>:4465 2016-11-21 06:08:05.996 : Listening for HTTPS on <ip>:8443 2016-11-21 06:08:06.004 : Listening for HTTPS on <ip>:9443 I attempted to send both 25 and 587 to 2525 however that generated the following error (for port 25) when I ran the health check: The SMTP response of the capture server was not as expected, perhaps this is not a collaborator server. My iptables config: [root@ip-172-30-1-46 burp-collaborator]# iptables -t nat -S -P PREROUTING ACCEPT -P INPUT ACCEPT -P OUTPUT ACCEPT -P POSTROUTING ACCEPT -A PREROUTING -i eth0 -p udp -m udp --dport 53 -j REDIRECT --to-ports 5353 -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080 -A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443 -A PREROUTING -i eth0 -p tcp -m tcp --dport 587 -j REDIRECT --to-ports 2525 -A PREROUTING -i eth0 -p tcp -m tcp --dport 465 -j REDIRECT --to-ports 4465 -A PREROUTING -i eth0 -p tcp -m tcp --dport 25 -j REDIRECT --to-ports 2525 I've looked through the (incredibly obfuscated) decompiled code and it appears that the STMP service does support taking a collection of Ints as port numbers, however I believe the configuration file does not support it (or at least I don't know how to make it support the config). I was unwilling to attempt to reverse engineer the code more to identify what it would support. Things I have tried: port = [2525, 5587] port = {2525, 5587} port = 2525, port = 5587 None of those worked and I am currently unable to get burp to detect both ports.

Burp User | Last updated: Nov 21, 2016 11:48AM UTC