Burp Suite User Forum

Login to post

Burp Does Not Redirect

The application I am testing uses SiteMinder for SSO, and this produces a redirect of the form... <HTML><HEAD><TITLE></TITLE></HEAD><BODY onLoad="document.AUTOSUBMIT.submit();">... <FORM NAME="AUTOSUBMIT" METHOD="POST"...

Last updated: Jan 27, 2023 04:21PM UTC | 8 Agent replies | 5 Community replies | Bug Reports

solved lab is showing not solved

i've succesfully sovled the lab Method-based access control can be circumvented but it shows that i dint solve it when i am redirected to the homepage

Last updated: Jan 27, 2023 08:44AM UTC | 18 Agent replies | 46 Community replies | Bug Reports

Cannot access http pages

Hi, I'm using the company laptop with system VPN and I don't know why I cannot access the http pages, even those in the lab environment such...

Last updated: Jan 26, 2023 02:06PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Activation

Hi, I had some problems with my machine and I had to format it a few times, but now when I managed to solve the problems my burp does not activate, it says that I have exceeded the number of activations allowed for my...

Last updated: Jan 26, 2023 10:55AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Burp 2023.1 - all HTTP responses show as edited

Hi, In Burp 2023.1, all HTTP responses show as edited and I can select between original response and edited response in the Proxy HTTP history. However, there are no differences when comparing the two, i.e. the response...

Last updated: Jan 26, 2023 10:24AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Upgrade Failed

Hello, We tried upgrading BurpSuite Enterprise Kubernetes setup with 'Enterprise Edition 2023.1' with helm chart. We observed that upgrade failed and we were not even able to login into UI. We had to reverse the...

Last updated: Jan 26, 2023 09:55AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Unknown_CA Error When proxying Android Traffic through Burp

Hello, I am using an Android Nexus 5x running Android Oreo 8.1 I have exported the Burp Certificate, converted it to the correct format and uploaded it in /system/etc/security/cacerts with the correct name and it is...

Last updated: Jan 26, 2023 08:57AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Install error with .Ink file

Hello, I cannot install BurpSuite and receive the following error: 'BurpSuiteCommunityEdition\BurpSuiteCommunityEdition.Ink Could not create this file.' Can anyone assist me with this issue?

Last updated: Jan 25, 2023 01:03PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Burp 2022.12.6 on Windows manipulates binary POST body data depending on the Content-Type request header

I've encountered this issue with two separate applications, but finally found a way to reproduce it. Burp v2022.12.6 on Windows 10 64bit, changes binary POST data, when sending manipulated requests. For example...

Last updated: Jan 25, 2023 11:16AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Burp suite pro 6 generating null pointer exception in console.

First I have observed that burpsuite_pro_v2022.12.6.jar is not invoking using mouse click. It is working fine when running using command prompt. But I am observing exception in console log... C:\Pentesting Tools>java...

Last updated: Jan 25, 2023 09:32AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

the lab could not be started in a timely manner

Apologies, the lab could not be started in a timely manner. Please try again or contact us if the problem persists. I have tried in different browsers but iti is not working

Last updated: Jan 25, 2023 08:52AM UTC | 9 Agent replies | 12 Community replies | Bug Reports

log4j2 vulnerability for Burp Suite Enterprise Edition Version: 2022.11-11262, Java version: 17.0.5

Hi, Our company is using Burp Suite Enterprise Edition Version: 2022.11-11262, Java version: 17.0.5. Could you please clarify if is this version or Burp Suite Enterprise affected by newly discovered log4j vulnerability....

Last updated: Jan 24, 2023 09:28PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Lab not getting marked as solved: Reflected XSS into HTML context with most tags and attributes blocked

After submitting the payload in the exploit server exactly as the lab answer specifies, the lab is still not getting marked as complete. I even tested it using "view exploit" which executes the xss, but delivering the...

Last updated: Jan 24, 2023 10:34AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

unknown host error

please tell solution . when i browse and intercept and request is forward then error show is unknown host

Last updated: Jan 24, 2023 08:14AM UTC | 11 Agent replies | 13 Community replies | Bug Reports

mouse click ignored

Hello, I can't click any button, including installer; It seems like mouse click is ignored :( I'm using macOS high sierra, and burp professional version 2.1.03. Is there any solution for this? Thanks!

Last updated: Jan 24, 2023 07:50AM UTC | 6 Agent replies | 6 Community replies | Bug Reports

mystery labs "solved labs only" filter broken

When doing mystery labs with the "solved labs only" feature enabled, I recieved two expert level labs despite having never solved any expert level labs. Is anyone else experiencing this issue?

Last updated: Jan 23, 2023 12:19PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

HELP WITH XSS and BURPSUITE!!!

Hello everyone, hope u are all great... I am having trouble replicating an issue that burp alerts too.. I have a reflected xss works fine in burp but is not reproducible in the browser due to modern browsers encoding input...

Last updated: Jan 23, 2023 09:30AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Reflected XSS in a JavaScript URL with some characters blocked - unintentional xss

Hi team, not sure if labs are built with only one particular and intended vulnerability per lab but in "Reflected XSS in a JavaScript URL with some characters blocked" there is other xss not related to the theme/scope of...

Last updated: Jan 20, 2023 04:09PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Wrong solution in WSA Expert lab XSS: Reflected XSS with AngularJS sandbox escape and CSP

Hello, in the WSA Lab titled 'Reflected XSS with AngularJS sandbox escape and CSP', the solution section is wrong because it suggests this...

Last updated: Jan 20, 2023 02:48PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

IP of targets in the logger resolve/change dynamically

With Burp Pro (v2022.12.6) the target IP can be shown in the included Logger function. If the IP of the target changes (e.g. By setting a different IP in the settings, network, connections, hostname resolution overrides)...

Last updated: Jan 20, 2023 02:46PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Page 1 of 116

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image