Embebbed Browser not work on Kali Linux
Hi The embebbed browser not work on Kali Linux, I test with health embebbed browser: Aborting checks due to errors. Unable to start...
LAB: SQL injection attack, querying the database type and version on MySQL and Microsoft
There's a bug in the solution (at least trying it out with latest chrome): # is understood as a url delimiter for anchor. It needs to be escaped. A correct solution is: ' UNION SELECT @@version, NULL%23
Images not available on the Support website
Hi The images are not available on the Support website. E.g. while visiting https://portswigger.net/support/using-burp-to-exploit-sql-injection-vulnerabilities-the-union-operator there are no images available. E.g. the...
Web Security Academy OS Command Injection, Simple Case
I've been trying to do this one (Web Security Academy OS Command Injection, Simple Case) but nothing seems to work. I even used the proposed solution and it didn't work at all so my suspicion is that the challenge is broken.
Found a wrong instruction
The bug was found in "Lab: Reflected XSS into HTML context with most tags and attributes blocked". The solution indicates that '"Visit the XSS cheat sheet and click "copy events to clipboard"'. I think it should be...
Found a wrong instruction
The bug was found in "Lab: Reflected XSS into HTML context with most tags and attributes blocked". The solution indicates that '"Visit the XSS cheat sheet and click "copy events to clipboard"'. I think it should be...
Pasting a text buffer with equal signs in a Repeater's body parameter's value creates unexpected parameters
Adding a multiline buffer <a href=”javascript:alert(0)”>ClickMe</a> to a body parameter split the value by the equal sign and created two more parameters. In addition, I would not expect the edit mode to suddenly turn the...
CPU and RAM in 2020.2.1 on Windows 10
Hello, Since upgrading to the new way of scanning I've had lots of issues with resource. I was hoping the current upgrade might have fixed it, but it's just getting worse. I only have a few extensions enabled with I've...
Could not start Burp: java.lang.ExceptionInInitializerError
When attempting to install burp for mac, the image mounts but when double clicking to install, it just wont install. Then attempted to use the JAR version and getting the error: Could not start Burp:...
Burp Suite 2.0 doesn't play well with Google Drive File Stream
I've had issues with Burp and GDrive File Stream on Windows 10 (fresh install). Specifically, automatic backups fail and the explicit saving of a project in the GDrive location (G:/ by default) results in the following...
BURP Pro v2020.2.1 burns CPU and memory without doing anything when in the Scan mode
Once it reaches the 64MB disk space, 131MB memory and 410MB temporary disk space usage, BURP occupies 780M memory according to MacOS Activity Monitor, keeping the fans on for hours with no additional updates in the requests...
Solution for "Lab: SSRF with blacklist-based input filter
Hello, the intended solution of this lab doesn't seem to work. After some testing I couldn't find a way to "enter" the admin area. "Encoding" the IP address works fine, but enter "admin" doesn't work at all. I tried...
Burp proxy incompatibility with 'deliver exploit to victim' labs
I've tried several of the CORS, DOM-based vulnerabilities and Web Cache Poisoning labs that require you to click the 'Deliver exploit to victim' in the Exploit server but has never worked when in Firefox v74.0 while proxying...
when Load server academy stuck on my iframe ;(
when I enter the iframe body and then position the file "/" I cannot enter the server academy. this make me cannot use server academy.
Binary data encode to base64 give wrong result in 2020.2.1 version
The last working version is 2.1.07. Later version when encode binary data to base64 it always gave wrong result when compare with 2.1.07. This request I take from HTTP Proxy History For example here is msgpack encode...
Burp Pro 2020.2.1 Crawler Not Finding Resource
Hello, I'm trying to troubleshoot an issue with Burp Suite Professional's crawler and "Live passive crawl from Proxy" with Burp Suite Professional 2020.2.1. The following request is not being discovered and added to...
Solution for "Lab: SSRF with blacklist-based input filter
Hello, the intended solution of this lab doesn't seem to work. After some testing I couldn't find a way to "enter" the admin area. "Encoding" the IP address works fine, but enter "admin" doesn't work at all. I tried...
Embebbed Browser
Hi, The embebbed browser never work for my. I'm use Kali last version. I check with Embebbed browser health cheack, and report this: Aborting checks due to errors. Unable to start...
Burp Suite Professional 2020.2.1 - Paused Scans
Hello, Running Burp Suite Professional 2020.2.1 on Kali Linux 2020.1. I noticed a potential bug. I've got a scan running with the built in "Never stop audit due to application errors" configuration, and noticed that it...
when Load server academy stuck on my iframe ;(
when I enter the iframe body and then position the file "/" I cannot enter the server academy. this make me cannot use server academy.
Page 1 of 45
Burp Suite Support Center
Your source for help and advice on all things Burp-related.
