Burp Suite User Forum
Hi PortSwigger Team, The Professional version scanner is not detecting a simple blind SQL injection in Microsoft SQL server. I know in versions 1.7 and 2.0beta this exact scenario was correctly identified several...
Burp Pro - has anyone else solved the issue of getting continual Connection Resets like fxxxing hundreds. And not being able to tell what is causing it Also lots and lots of Client failed to negotiate a TLS...
I am pretty new to Burp pro, so I don't have a lot of experience to know whether this is expected behavior or not. I am hoping some more experience users can give me some insight here... I am testing a wordpress based...
Hi, I'm having issues with this lab,"Web cache poisoning to exploit a DOM vulnerability via a cache with strict cacheability criteria". As soon as I enter the X-Forwarded-Host header, the lab server fails to respond. I've...
I have a website that has the following login form: <form id="example" name="example" method="POST" target="_self" action="https://example.org/e/?login" accept-charset="UTF-8"> <input type="text" name="username"...
When I go to any site via safari on iphone(ios 14), I'm getting "This connection is not private" and when I hit the option to visit this site, I'm still not able to connect to the site. However, I'm seeing the traffic in...
Hi, I'm trying to connect to website using burp chromium browser. But most of the time, the loading end by an error screen saying "failed to connect to website.com:443" I searched but didn't fought any awnser that helped...
Hi, I noticed the advanced scope control mentions you can insert regex, but it does not actually follow correct regex syntax. Asterisk `*`, should be treated as a quantifier, matching zero to unlimited times, however...
Hello I want to use regex to remove those empty lines from the HTTP responses that developers placed there. I used ^ to get the beginning of each line, but what it returns is just the first line of the response and...
Hi, this bug has been around for more than a year now, and I'm unsure what's causing it. Current platform: - MacOS Catalina v. 10.15.7 - MacBook Pro 2019 - 2,6 GHz 6-Core Intel Core i7 - 16 GB 2667 MHz DDR4 - AMD...
1、I need to brute force the username and password fields.See 1. JPG POST /xxx/xxx HTTP/1.1 Host: xxx.xxx.xxx.xxx Connection: close Content-Length: 56 Accept: application/json, text/javascript, /; q=0.01 Origin:...
The smart decoder is not working anymore for even simple base64 payloads. Please debug the issue and let me know. Thanks, Rod
Burp suite professional crash when I change my keyboard layout to Mandarin input (Pinyin) in Mac OS X 10.14.6
Found on Burp Suite Community Edition v.2020.12.1 1. I'm trying to start intruder attack with following payload: type: recursive grep initial payload: 2021-01-12 16:27:24.056815 (timestamp with characters wich...
After right clicking and selecting "Send to Repeater" the request text becomes mangled (overlapped in some areas). Running Burp 2020.12.1 Professional with Dark theme in Ubuntu 20.
I am getting many, many instances of the "Backup file" issue type. The issue is that the scanner makes a request that is a variant of a legitimate request, for example instead of GET /users/sign_in.json, it will call GET...
Hi, I had my burp pro license at the limit. I wanted to remove it from one machine to activate it on another. So I did remove burp from my computer under the help menu, but it is now neither allowing activating the license...
Hi, I solved it once before but now I was revising and I think it crashed because when I logged in my user using the provided credentials wiener:peter then I went to my account page and then I submitted an updated email...
I followed the recorded login sequences instruction and successfully generated JSON objects for application login data. But I'm not able to replay and validate the data. All I see is a blank webpage during the replay. I...
administrators password not working......... no problem with carlos and wieners
Page 1 of 68
Your source for help and advice on all things Burp-related.