Burp Suite User Forum

Create new post

BurpSuite Professional v2023.1.2 unable to connect to https://www.google.com

Just freshly installed Burp Suite Professional version 2023.1.2 Launched built-in web browser from Proxy -> Open browser. Tried to connect to https://www.google.com and received No response received from remote server....

Last updated: Feb 27, 2024 04:05PM UTC | 3 Agent replies | 4 Community replies | Bug Reports

PortSwigger Lab: Web cache poisoning with an unkeyed cookie

Having the same issue with Webcache Poisoning - unkeyed cookie. Have managed to trigger the pop up on the site whenever a viewer loads homepage, but the automated user who is supposed to visit the site never does. Not...

Last updated: Feb 27, 2024 02:03PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

solved lab is showing not solved

i've succesfully sovled the lab Method-based access control can be circumvented but it shows that i dint solve it when i am redirected to the homepage

Last updated: Feb 27, 2024 01:50PM UTC | 27 Agent replies | 60 Community replies | Bug Reports

BURP built-in Chrome browser forcing HTTPS on HTTP site problem

Hi, I had the same problem described in the thread below (firefox) but for the Burp Chrome built-in browser! https://forum.portswigger.net/thread/burp-proxy-forces-https-in-the-firefox-private-window-5930dfca I am...

Last updated: Feb 19, 2024 07:57PM UTC | 5 Agent replies | 7 Community replies | Bug Reports

help bug..

I can't write anything..........

Last updated: Jan 10, 2024 08:53AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

MontoyaAPI v2023.12.1 Invalid URL Exception in includeInScope API

Hello, many thanks to your efforts on the cool Montoya API. I'm using a MontoyaAPI v2023.12.1 (net.portswigger.burp.extensions:montoya-api:2023.12.1) with a BurpSuite Professional v2023.12.1 for Intel Mac. My custom...

Last updated: Jan 09, 2024 03:08PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Faulty Lab: "CORS vulnerability with trusted insecure protocols"

Hi, maybe there is bug inside the laboratory "CORS vulnerability with trusted insecure protocols". The following exploit script works with Burp's Chrome: <script> document.location =...

Last updated: Jan 09, 2024 09:40AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Paused-Based Desync Detection reporting HTTP/2 requests

Hello! Burp Scanner's Client-Side desync check will sometimes report a firm status and confirm a paused-based desync vulnearbility. However. the attached requests on the issue, state that the requests are HTTP/2, which...

Last updated: Jan 08, 2024 02:58PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Academy Mystery Labs - File upload challenges are missing /home/carlos/secret

I have noticed that all of the Mystery challenges for file upload vulnerabilities do not have the required '/home/carlos/secret' file. This makes it impossible to submit the solution. Steps to reproduce: 1)...

Last updated: Jan 08, 2024 01:30PM UTC | 5 Agent replies | 3 Community replies | Bug Reports

Issue in an Academy Lab

Hello it would seem that there is an issue with the Lab for: "Exploiting server-side parameter pollution in a REST URL". After the request for the passwordResetToken is submitted the response does not have a valid password...

Last updated: Jan 08, 2024 12:00PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Macth And replace does not work

Hello, Burp Suite Professional and Comunity version has an issue when the match & replace rule does not work. I have Macbook Pro with M1 and thought that was the issue but while testing with windows and i9 Macbook,...

Last updated: Jan 08, 2024 10:27AM UTC | 3 Agent replies | 4 Community replies | Bug Reports

Burp Suite Repeater not working

I am running Burp Suite on Kali Linux via an Oracle Virtual Box instance on Windows 11. Following the labs when I send a request to the Repeater and then press Send, no response ever comes back. I did get a warning message...

Last updated: Jan 08, 2024 09:00AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Private Burp Collaborator ignoring polling Port settings (?)

I've set up my private collaborator and everything work as expected, except for the fact that I keep polling it without specifying the port and it works fine when I actually have set specific polling ports in the...

Last updated: Jan 08, 2024 08:51AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Getting MOZILLA_PKIX_ERROR_MITM_DETECTED when trying to run burp.

Got this error out of nowhere as I had been running burp regularly on firefox without issues earlier in the day. I ran into the same problem on chrome as well. I have deleted the certificate, cleared the cache, unistalled...

Last updated: Jan 07, 2024 04:43PM UTC | 11 Agent replies | 19 Community replies | Bug Reports

The lab is not marked as solved

Hello, I'm doing the lab Lab: DOM XSS using web messages https://portswigger.net/web-security/dom-based/controlling-the-web-message-source/lab-dom-xss-using-web-messages I managed to call the print() function and it...

Last updated: Jan 05, 2024 12:05PM UTC | 0 Agent replies | 1 Community replies | Bug Reports

Burp Collaborator data project lost when opening projects in Mac then in linux

Step to reproduce : 1/Open burp project in Mac and start collaborator quit and save burp 2/Open the same project in burp linux 3/collaborator tab disappear 4/try to import collaborator data from the previous saved...

Last updated: Jan 05, 2024 12:00PM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Burp Suite Enterprise Scan Error

Hello, I have got such error. What should i do to fix it, And how to avoid such a problem in the future Error Dispatching scan to Burp-Suite-Enterprise Burp Suite Enterprise Edition v2023.12

Last updated: Jan 04, 2024 08:22AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

bsee k8s installation enterprise server mysql error

We are trying to get BSEE to run on our AKS cluster and MySQL PaaS database hosted on azure. We get errors on the initialising of the database, which I think is linked to a bad server setting or a bad practice in your db...

Last updated: Jan 03, 2024 04:03PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Menus and context menus all appear way off to the left of the screen

In Burp Pro, any time I click on a menu (View, Help etc.) or right-click to get a context menu (like right-click on a request to send to repeater for instance), the menus always appear offset way off to the left of screen....

Last updated: Jan 02, 2024 02:38PM UTC | 2 Agent replies | 4 Community replies | Bug Reports

Extension-based active scans not running when Cookies contain too many insertion points (?)

I'm noticing the extension scans are not running on requests that contain too many insertion points (?) in the cookies. Expected behaviour would be to stick to the "maximum defined insertion points" limit in the scan...

Last updated: Jan 02, 2024 12:54PM UTC | 2 Agent replies | 0 Community replies | Bug Reports

Page 1 of 139

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image