Burp community forum

Running automated scans with Carbonator

Kevin | Last updated: Jul 29, 2015 02:19PM UTC

We installed Carbonator from within the Burp scanner under the BApp store and ran the following command for as a test: java -jar Xmx2g c:\Users\Desktop\Burpsuite_pro_v1.6..21.jar https://www.google.com. We received the error message: Error occurred during initialization of VM Could not reserve enough space for 2097152KB object heap. The Burp scanner is running a VM workstation with 4GB of memory and 35 GB of space. Can anyone tell me if we need to adjust the memory or disk size for Carbonator to run?

PortSwigger Agent | Last updated: Jul 29, 2015 02:24PM UTC

We would suggest removing the Xmx2g argument altogether, and let the JVM and OS decide how much memory to use. Then try using Burp in the way you require. If you end up needing more memory then you may need to assign more resources to your overall VM.

Burp User | Last updated: Jul 29, 2015 07:40PM UTC

I was able to launch Burp by using the java command but nothing happened when the Burp scanner opened. I received the following new error message on my command line: java.util.prefs.WindowsPreferences <init> WARNING: Could not open/create prefs root node Software\JavaSoft\Prefs at root 0x800000002. WIndow RegCreate KeyEX<...> returned error code 5. Thank you.

PortSwigger Agent | Last updated: Jul 30, 2015 07:59AM UTC

You can safely ignore that error message, which is generated by the Java runtime when the Java preferences store is first accessed. When you say "nothing happened", do you mean that Carbonator didn't do the scan you intended? If so, double check that (a) Carbonator is installed and running after you start Burp; (b) you have the right command line arguments that Carbonator looks for; (c) there are no errors in the output/error tabs for the Carbonator extension.

Burp User | Last updated: Jul 30, 2015 05:49PM UTC

The command java -jar c:\Users\Desktop\Burpsuite_pro_v1.6.21.jar https://www.google.com opened Burp and the website wasn't added to scope and the spidering and scanning didn't start. It was the same as if I just opened Burp without Carbonate. Maybe I'm missing something in my configuration or settings. This is what I've done since installing Cabonator. Under the extender tab: At the top I have Carbonator Loaded with the Python type. At the bottom on the details tab: Extension loaded is checked with Carbonator. Output tab shows Invalid command line arguments supplied. Errors Tab: Blank. BApp Store tab shows Carbonator installed. Options tab: Settings has the check box checked to Automatically reload extensions on startup. Python Environment: Location of Jython standalone JAR file: This is pointed at the location where Jython.jar is at. Thank you for all of your support so far. I really appreciate it.

PortSwigger Agent | Last updated: Jul 31, 2015 08:13AM UTC

You provided your own answer: "Output tab shows Invalid command line arguments supplied." Have a look at the Carbonator documentation. I think you need to specify a few more arguments than just a target host.

You need to Log in to post a reply. Or register here, for free.