Burp community forum
On a recent engagement, we encountered an application that uses websockets. The application upgrades the connection post-login. For example, (borrowed from Wikipedia) GET /test HTTP/1.1 Host: server.example.com Upgrade:...
Hi, you have a wonderful lab, but i had a problem with passing Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft I tried to get her two days, nothing came out and I looked at the...
Hey all, I have been trying for days to get NTLM authentication to work with Burp. I've tried multiple browsers and find that Burp will not proxy NTLM requests at all. When authenticating manually through the browser I...
Hi, you have a wonderful lab, but i had a problem with passing Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft I tried to get her two days, nothing came out and I looked at the...
Hello, May this message finds you well ! :) I have an issue with Burpsuite Proffessional in regards to websocket traffic. Apparently I am able to view the traffic through developers console, but in Burpsuite the data...
In Burp v2020.1 you cannot convert (e.g. base64-decode) smth in the Proxy history (which is read only). When you selected the desired text and type Ctrl+Shift+B, the selection becomes slightly shorter (as if it was...
Hi, I noticed that a particular Issue (HTTP Request Smuggling: CL.TE badwrap) generated by the HTTP Request Smuggler extension is reported in the dashboard but it does not appear in the Target > Issues Tab of the relative...
Hi, I detected an issue in the latest Burp version where even though Burp has the "200 Ok" response for certain requests (they can be found in proxy history and search functionality) the Contents section of Target displays...
Hello Team, I'm using Burp Suite Professional Version 2020.1. When I run Burp Suite, not able to crawl all the pages. It consumes full RAM and machine goes to hung state. We are facing this issue from Profession Version...
Could you please reset the webpage for the following lab for my account? https://portswigger.net/web-security/dom-based/dom-clobbering/lab-dom-xss-exploiting-dom-clobbering I am out of possible comments on the page and...
Burp Suite Pro version: 2.1.05; Steps to reproduce: 1. Start Burp Suite Pro; 2. Launch new scan, using REST API, i.e. do HTTP POST scan configuration to http://127.0.0.1:1337/$apiKey/v0.1/scan; 3. Poll scan status...
In both the latest v2020.1 version and in the previous 2.1.07 one, the embedded browser health check failed with the attached error: it looks like the libGLES/libEGL libraries are expected to be of some other size. Image...
Hello Team, I am running scan of URL as mentioned below having multiple options from Jenkins using Burp Scan plugin. When I run the scan from Burp Enterprise it is getting triggered but when I run scan for same URL from...
Hi, I use Arial as well as few other fonts for HTTP Message Display Fonts (user options > display > http message display) . Version 1.7 has over 200 fonts available to chose from. I just upgrade to v2020.1 and there...
I, I've re-tried some times, but I never receive the mail with the download link for Burp Suite Trial Edition. My e-mail is : darkmatter.23@libero.it. Thank you very much!
The scan configuration UI in Burp Enterprise 2020.1 fails to load. This is happening post upgrade {code: 1, error: "Problem retrieving scan config UI"} code: 1 error: "Problem retrieving scan config UI"
iam using firefox ,i changed proxy and imported CA certificate. when i try to intercept iam getting error message Secure Connection Failed An error occurred during a connection to www.google.com. SSL received a record...
Hi, we have an internal setup where we use SmartCards for Authentication. In Burp 1.7 this worked like a charm but somewhere after the 2.0 upgrade something broke. At the last step (where you enter your PIN code) the...
Hi, I am not getting any response back from one of the lab exercise link "https://acf11fe21f086c81803b383000780037.web-security-academy.net" when i am forwarding the intercepted traffic from burp back to this link. The...
I've followed the appropriate steps to fully trust the burp cert, but as of iOS 13 this does not work and HTTPS requests fail. Looking at iOS 13 release notes, I found this: https://support.apple.com/en-us/HT210176 -- I...
Page 1 of 42