The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum


What is "Private IP addresses disclosed" reported by Burp Suite?

Sai | Last updated: Mar 27, 2018 10:55AM UTC

What is "Private IP addresses disclosed" reported by Burp Suite, and how to fix it? Please let us know what can be the cause of this issue and how to fix it.

Liam, PortSwigger Agent | Last updated: Mar 27, 2018 11:51AM UTC

The details of the IP address disclosed by the application should be detailed in the Issue detail section of the Issues > Advisory tab. This issue is flagged as information; issues should always be manually reviewed based on the tester's knowledge of the application.

Burp User | Last updated: Mar 27, 2018 02:40PM UTC

So does it mean we can ignore this, or do we have to fix something?

PortSwigger Agent | Last updated: Mar 27, 2018 02:50PM UTC

Hi Sai,

It's not urgent to fix - it's not high risk like SQL injection. However, best practice is to fix low risk issues too. In the advisory there will be a request and response tab, and within the response the IP address will be highlighted. First, check that it actually is an IP address; I have seen other digits, such as phone numbers, being incorrectly identified. Usually this vulnerability is related to web server configuration, so the fix details will depend on your web server. If you send us a screenshot of the response and details of your web server, we can advise further.
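The manual check described in the reply above can be scripted when only a saved copy of the response is available. This is an added example, not part of the original thread and not Burp's own detection logic; the function names and the sample response are constructed, and "private" is assumed to mean the RFC 1918 IPv4 ranges.

```python
import ipaddress
import re

# RFC 1918 private IPv4 ranges (assumed definition of "private" here).
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Four dot-separated groups of 1-3 digits that are not part of a longer
# digit/dot run, so version strings such as 10.1.2.3.4 are not candidates.
CANDIDATE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?!\d|\.\d)")


def _private_in(text):
    hits = []
    for match in CANDIDATE.finditer(text):
        try:
            addr = ipaddress.IPv4Address(match.group(1))
        except ipaddress.AddressValueError:   # e.g. an octet above 255
            continue                          # looks like an IP, is not one
        if any(addr in net for net in RFC1918):
            hits.append(str(addr))
    return hits


def find_private_ips(raw_response):
    """Return [(location, ip)] for RFC 1918 addresses in a raw HTTP response."""
    head, _, body = raw_response.partition("\r\n\r\n")
    findings = []
    for line in head.split("\r\n")[1:]:       # skip the status line
        name, _, value = line.partition(":")
        findings += [("header " + name.strip(), ip) for ip in _private_in(value)]
    findings += [("body", ip) for ip in _private_in(body)]
    return findings


# Constructed sample response (not taken from the thread).
SAMPLE = (
    "HTTP/1.1 302 Found\r\n"
    "Location: http://10.20.30.40/app/\r\n"
    "X-Build: 10.1.2.3.4\r\n"
    "\r\n"
    "<p>Ref 192.168.555.010, node 172.16.5.9, CDN 172.32.0.1</p>"
)

if __name__ == "__main__":
    for where, ip in find_private_ips(SAMPLE):
        print(where, ip)
```

Knowing whether the address sits in a header or in the body narrows the fix: a header usually points at web server or proxy configuration, a body hit at application output.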

Burp User | Last updated: Mar 27, 2018 03:02PM UTC

Thanks a ton for the quick response, Paul. Unfortunately, no one is allowed to use Burp Suite other than the security team. The issue description says:

Description: The application discloses internal network IP addresses in responses sent from the server to the client. Internal IP address spaces often fall in one or more of the following ranges: ---- Knowing specific internal IP addresses and overall IP address schemes reduces reconnaissance time and aids an attacker in more efficiently crafting targeted attacks against the internal network.

As you said, it is related to server configuration. We shall try to figure it out, but is any resolved case or solution available?

PortSwigger Agent | Last updated: Mar 27, 2018 03:04PM UTC

Hi Sai,

If you search online for your webserver and "private IP address leakage" you should find some advice. For example:

- https://support.microsoft.com/en-us/help/967342/fix-the-internal-ip-address-of-an-iis-7-0-server-is-revealed-if-an-htt

Keep a dialog open with your security team - you really need to see the response in Burp with the IP address highlighted; it will be almost impossible to resolve the issue without that.

Burp User | Last updated: Mar 27, 2018 03:19PM UTC

Okay, will get back to you with my findings. Is any online chat available with you guys? With the quick responses I am getting, it feels like chat only. Thanks a lot. I am obliged. Will keep posting you guys as we have lots and lots of findings to fix!

PortSwigger Agent | Last updated: Mar 27, 2018 03:53PM UTC