Burp Suite User Forum

Login to post

Achieve release wont install for community edition

Hey I have tried installing the previous versions of Burpsuite community edition and it wont start downloading.This is happening for all the previous releases which contains the Windows(64 bit) version. However the Pro...

Last updated: Nov 27, 2022 07:48AM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Getting MOZILLA_PKIX_ERROR_MITM_DETECTED when trying to run burp.

Got this error out of nowhere as I had been running burp regularly on firefox without issues earlier in the day. I ran into the same problem on chrome as well. I have deleted the certificate, cleared the cache, unistalled...

Last updated: Nov 26, 2022 10:19PM UTC | 8 Agent replies | 13 Community replies | Bug Reports

https://portswigger.net/web-security/sql-injection/examining-the-database/lab-querying-database-version-mysql-microsoft

The lab(Subject line) does not put output after trying multiple payloads even interesting is the fact that the solution provided also does not work as a solution. Have been stuck and here. The lab is : SQL injection attack,...

Last updated: Nov 26, 2022 10:58AM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Context Menu Sometime Not Workig In Release - 2022.7.1

Hi Team, I recently updated to Burp Pro v2022.7.1. I noticed that sometimes the second level context menu don't work. Steps to reproduce: 1) Intercept a request 2) Then right-click to get the first level context...

Last updated: Nov 25, 2022 10:46AM UTC | 5 Agent replies | 4 Community replies | Bug Reports

Cursor pointer not on-point

Burp jar - burpsuite_community_v2020.5/Windows 10 Pro/Open JDK Latest version, In repeater cursor is not following entered chars after 5/6 letters. This is happening only in executable jar version & not in installation...

Last updated: Nov 24, 2022 07:35PM UTC | 5 Agent replies | 5 Community replies | Bug Reports

Failed to start proxy service on 127.0.0.1:<ANY PORT>

Hi, I am having an issue where Burpsuite will not bind to any port on localhost e.g. 127.0.0.1:8080,9999 etc. OS: Windows 10 Browser: Firefox Error message: 'Error "Failed to start proxy server on 127.0.0.01:<ANY PORT...

Last updated: Nov 24, 2022 10:55AM UTC | 4 Agent replies | 3 Community replies | Bug Reports

Academy lab do not update status randomly.

Hi, I see a problem with the update of the state of the laboratories that I finished correctly. They are randomly shown as unsolved. It is happening to me in SQLi and JWT attacks. Thank

Last updated: Nov 23, 2022 10:46AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Lab for "Web cache poisoning with an unkeyed header" not completing despite correct (?) solution

Hi, Basically as the title says I have done the lab for "Web cache poisoning with an unkeyed header" and succeeded in getting the alert box to pop up in my browser. However despite this no matter what I do the lab itself...

Last updated: Nov 23, 2022 10:13AM UTC | 5 Agent replies | 8 Community replies | Bug Reports

Issues with Burp Suite Enterprise Edition deployed on GKE

Hi We have deployed burp suite enterprise edition on GKE and run an automated schedule on weekly basis. Can you please let us know how to fix below error mainly due to "browser crashing" which fails whole scan ?...

Last updated: Nov 22, 2022 05:59PM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Burp's Cookie Jar Handles Cookies Differently to Common Browsers

I have an interesting "bug" for you. I was testing a website that set a session cookie upon login. When logging out, the application set the session cookie to '""' (i.e. two double quotes) rather than an empty...

Last updated: Nov 22, 2022 01:38PM UTC | 2 Agent replies | 0 Community replies | Bug Reports

CORS failure

I am using burpsuite professional at my work and testing the client web application. I am facing problem with burp v2021.8.3 which is failing coz of CORS failure. I am getting the response from application in proxy but...

Last updated: Nov 22, 2022 08:26AM UTC | 3 Agent replies | 3 Community replies | Bug Reports

net.portswigger.devtools.client.ah: Unable to start browser:

I am sorry, I am new to BurpSuite and am trying to use the Community edition on Windows/10 64bit. I am on the "Proxy" tab and have "Intercept is on". When I click the "Open browser" I get this error message: Burp...

Last updated: Nov 22, 2022 07:16AM UTC | 4 Agent replies | 3 Community replies | Bug Reports

Google "This browser or app may not be secure" error

Hello - When attempting to authenticate with accounts.google.com on the built in Burp browser, I am getting the error: Couldn’t sign you in This browser or app may not be secure. After entering email address in...

Last updated: Nov 21, 2022 10:55AM UTC | 14 Agent replies | 16 Community replies | Bug Reports

pcsc smart card support Linux not working anymore?

Hi there, there is a problem with the feature 'User Options>TLS>Client TLS Certificates>Hardware token or smart card. The feature only seems to support "legacy" fat pcsc driver implementations, whereas most modern pcsc...

Last updated: Nov 21, 2022 08:46AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Solution to Resolve JRE Appears to be a Version 17.0.5 from Debian... Error Message

Hi Burp Suite Team, Is there a solution to fix this message that pops up when I launch Burp Suite Community Edition v2022.9.6? JRE Appears to be a Version 17.0.5 from Debian Burp has not been fully tested on this platform...

Last updated: Nov 19, 2022 03:57AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

BApps do not use/update Cookie Jar in Active Scan

Hi. Working on an app with particularly aggressive session management. Session timeout is short and even with regular 'keep alive' requests the original cookie value becomes stale, the newly issued value must be used. Tried...

Last updated: Nov 17, 2022 01:25PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Internal cache poisoning unintended way

Hi, I solved the internal cache poisoning lab while I was testing the inputs. I recorded a video to show what I did: https://drive.proton.me/urls/0C3VH6VN10#RpZcgYTH5CmI

Last updated: Nov 17, 2022 11:05AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Lab "cors/lab-internal-network-pivot-attack" broken?

Hi, Issue with: https://portswigger.net/web-security/cors/lab-internal-network-pivot-attack The lab behaved pretty weird for me, not sure what's the issue. Solutions I tried: - My own (for 6h) - Official...

Last updated: Nov 17, 2022 11:03AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Bug in makeHttpRequest when handle multiple redirect requests

Hi, I have a custom extension that perform an Oauth2 authentication before start an active scan. This extension work fine right up to the version 2022.9.5. The issue I seen happen when follow Oauth2 flow by calling to...

Last updated: Nov 16, 2022 03:21PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Academy Mystery Labs - File upload challenges are missing /home/carlos/secret

I have noticed that all of the Mystery challenges for file upload vulnerabilities do not have the required '/home/carlos/secret' file. This makes it impossible to submit the solution. Steps to reproduce: 1)...

Last updated: Nov 16, 2022 02:47PM UTC | 4 Agent replies | 2 Community replies | Bug Reports

Page 1 of 112

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image