Skip to content
This repository has been archived by the owner on Apr 4, 2024. It is now read-only.

Bug #96

Open
soufianetahiri opened this issue Dec 1, 2021 · 0 comments
Open

Bug #96

soufianetahiri opened this issue Dec 1, 2021 · 0 comments

Comments

@soufianetahiri
Copy link 

Traceback (most recent call last):
  File "/home/soufiane/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 981, in doActiveScan
    self.do_checks(injector)
  File "/home/soufiane/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 1073, in do_checks
    colab_tests.extend(self._magick(injector, burp_colab))
  File "/home/soufiane/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 1073, in do_checks
    colab_tests.extend(self._magick(injector, burp_colab))
  File "/home/soufiane/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 1439, in _magick
    self._send_sleep_based(injector, basename, content, types, injector.opts.sleep_time, issue)
  File "/home/soufiane/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 4314, in _send_sleep_based
    new_content = content.replace(BurpExtender.MARKER_CACHE_DEFEAT_URL, "https://example.org/" + ''.join(random.sample(string.ascii_letters, 11)) + "/")
AttributeError: 'NoneType' object has no attribute 'replace'

Upload Scanner Version: 1.0.8

Extension code location: doActiveScan
Jython version: 2.7.2 (v2.7.2:925a3cc3b49d, Mar 21 2020, 10:03:58)
[OpenJDK 64-Bit Server VM (Oracle Corporation)]
Java version: 16.0.2
Burp version: Burp Suite Professional 2021 10.2
Command line arguments: 
Was loaded from BApp: True
Request: 'POST /admin/rs/media/library/uploadmultifiles/xxxxxxx/xxxxxxxxxx
HTTP/1.1\r\nHost: xxxxxxxx.com\r\nCookie: JSESSIONID=xxxxxxxxxxxxxxxxxxxx;
SERVERID=pp-xxxx\r\nUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:94.0) Gecko/20100101
Firefox/94.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r
\nX-Requested-With: XMLHttpRequest\r\nContent-Type: multipart/form-data;
boundary=---------------------------425317772017903238912665175467\r\nContent-Length: 322\r\nOrigin:
https://xxxx.com\r\nReferer: https://xxxxx.com/xxx-
admin/account/customization/xxxxxxx/xxxxxxxxxxxx\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-
Fetch-Site: same-origin\r\nTe: trailers\r\nConnection: close\r\n\r\n-----------------------------
425317772017903238912665175467\r\nContent-Disposition: form-data; name="logo-twitter.php"; filename
="logo-twitter.php"\r\nContent-Type: application/x-httpd-php\r\n <?php ech...
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@soufianetahiri