Burp Suite User Forum
Hello, Multiple times I've tried to complete this but it breaks. Sometimes when I try to open this lab, I get a 504 error saying no response. When I do get in, when I get to the step to add "X-Host: example.com", when I...
Hi, Is it possible the CSRF labs are broken? I have attempted the following: - https://portswigger.net/web-security/csrf/lab-no-defenses -...
Hi Team, I am using burp professional version 2024.5.5 and the browser is continuously crashing. Could you please help me here. Thanks
Hi, Are you having some issue today ? I've tried a lot of labs and each of them are incredibly slow to respond.
hello , I have been using your website in the last few months and i haven't encountered a similar problem until the past couple of weeks .When I solve a lab , it takes a long period of time to update the status to "lab...
Unfortunately I have had to reinstall my machine and now when I try to install burp suite, I get the error "No more activations allowed for this license" How can i fix it? licensed to talos
Hi, maybe there is bug inside the laboratory "CORS vulnerability with trusted insecure protocols". The following exploit script works with Burp's Chrome: <script> document.location =...
I am working on the following lab: https://portswigger.net/web-security/oauth/lab-oauth-account-hijacking-via-redirect-uri I have followed the solution instructions. PoC: <iframe...
We tried to solve https://portswigger.net/web-security/oauth/lab-oauth-account-hijacking-via-redirect-uri using the proposed solution. In particular, to steal the authorization code, such solution specifies to have the...
Hi, In the lab titled "Lab: OAuth account hijacking via redirect_uri", I am unable to view the exploit when using the iframe payload on the exploit server. Instead, I get the error below inside the...
I can successfully exploit myself but non of the labs get marked as solved. I've tried the first three web cache poisoning labs.
Hi, The provided solution will trigger DNS requests that my collaborator sees. However, the lab will not trigger the HTTP request. I have confirmed that the collaborator will see http requests when I test the collaborator...
Seems like there are some issues with the CSRF labs. I've tried using a variety of solutions for most of the day now and none of them seem to be working (or the first five I've tried anyway). The exploit server simply goes...
C:\Software\Sectools\Appsec>c:\openjdk-22.0.2\bin\java -Xmx24576M -jar burpsuite_pro_v2024.6.3.jar java.lang.StackOverflowError at java.desktop/javax.swing.text.View.getViewFactory(View.java:1028) at...
can someone help, anytime i try to log in a website, it keep giving me network error. when i turn off the burp proxy it works smoothly. these website were previously working with burp proxy but since today, it just gives...
Every time I start up Burp Suite and go to the Repeater tool, any existing Repeater tabs (either the default empty one when starting the new project, or any tabs loaded from an existing project) will have the "Request"...
Dear Portswigger Team, I hope this letter finds you well. I am writing to express my frustration and disappointment regarding the current performance issues with the Portswigger website and Portswigger Academy labs. As...
This lab is broken, when sending the payload to the victim (the correct one listed in the solution and with a different mail) the victim simply does not visit it as you can see in the access log as I don't see an IP address...
Hello i passed the BSCP exam around 2 days ago (more than 48 hours) however i havent received any mail with the results. In my-account page i can see status completed. Can i please get an email with the results :)
I done the lab of Cross-site scripting (Stored XSS lab) when I finished it, its show me not sloved.Please slove the problem.
Page 1 of 148
Your source for help and advice on all things Burp-related.