Bug Reports - Burp Suite User Forum

Error on scanning with Burp suite Professional v2020.6

Hi, after upgrading to v2020.6 I see the following issues: by selecting to scan one website ( default options, right click on the URL scan, 'Crawl and audit' ) the following will happen in most of the cases: 1. Scan...

No more activation allowed for this license

I INSTALLED NEW OS I'm facing the issue of "No more activation allowed for this license"

After Update: Unable to Capture HTTPS traffic

Hi, Yesterday I have update my Burp Professional to v2020.6. It is throwing error for all HTTPs sites. "The client failed to negotiate a TLS connection to www.xxx.com:received fatal error certificate unknown. OS:...

Project corruption

Every time i re-open already saved project burp says that the project file is corrupted and i have to repair that project to continue working. If i reopen the repaired project next time, burp again complains that the file...

2020.4.1 Missing ViewState Tab in Request

When viewing a request with a ViewState, previous versions would provide a ViewState tab to display the decoded information in tree view or would show that it was encrypted. As of 2020.4.1, this tab no longer shows. I...

Burp Suite Professional v2020.6 - CSRF PoC Generator "Test in browser" incorrect URL

Hello, When generating a CSRF PoC and using the "Test in browser" feature, it gives the following URL: - http://burpsuite/show/... However that URL is incorrect, the correct URL is: - http://burp/show/... Thanks.

iOS 13 + Burp SSL Certs Not Able to be Fully Trusted

I've followed the appropriate steps to fully trust the burp cert, but as of iOS 13 this does not work and HTTPS requests fail. Looking at iOS 13 release notes, I found this: https://support.apple.com/en-us/HT210176 -- I...

Active Scan insertion point types & other bugs

I found some issues with the insertion point types setting for active scans. It behaves weirdly and it seems like it has some bugs. 1. Setup: -I used Logger++ to see what is happening -I intercepted a request from the...

Burp Suite Pro v2020.6 Trial: Getting 'Paused due to error: Could not connect to any seed URLs'

Hi, I am trialing Burp Suite Pro v2020.6. I am pointing the GUI to an application URL which is publically available, running on AWS. When I kick off the audit and scan, it starts, then stops quickly with 'Paused due to...

Burp Community Installation on Kali - Pink Screens

I'm having a strange problem on Kali. After installing Burp Community, the startup prompts are all pink and cannot be clicked. I've tried installing with the shell script, the JAR file, and via apt. I've also tried...

Unable to enable https

Hi team, I try to upload the company's ssl cert to enable the https feature but got an error after I upload the cert and click on green check icon, the error message I got is "Failed to update Web Server settings", I...

IMessageEditor does not show markers

When I set up a marked request or response for a IMessageEditor instance, it does not appear to be honored. The editor loads the message okay, but there aren't any markers on it. So if I do something like this: int[]...

install macOS Catalina

Getting he following error when opening the installer on macOS Catalina “Burp Suite Professional Installer.app” can’t be opened because Apple cannot check it for malicious software. This software needs to be updated....

License problems

1)We buy new license for our burp enterprise server 2)Import license - success 3)Update server from update page (we dont update old server for few month) - license become status "Requires activation" 4)If we try update...

Error while working with Burpsuite

Whenever I'm browsing to any website while burp proxy is ON it just giving me an Error: No route to host(Host unreachable) Please help me out with this !

Enterprise - Problems on this URL - Unknown problem

Hello Forum, When reviewing scans that fail the information under Problems on this URL seems very useless. I am finding that every site that is failing shows the same issue under Problems on this URL - Unknown Problem. ...

burpsuite community

when i download the burpsuite community, it show me 3 hours to finished a download and it first i was thinking that the problem was with my internet and i tried to download another two application and the 2 application...

Batched (or stacked) queries SQLi

At https://portswigger.net/web-security/sql-injection/cheat-sheet chapter #Batched (or stacked) queries it is written: "MySQL Does not support batched queries." Perhaps I understand it wrong, but when I'm starting a...

IndexOutOfBoundsException

$ java -version openjdk version "12.0.2" 2019-07-16 OpenJDK Runtime Environment AdoptOpenJDK (build 12.0.2+10) OpenJDK 64-Bit Server VM AdoptOpenJDK (build 12.0.2+10, mixed mode) $ java -Xmx2G -jar...

Rate limit bug

Attackers can replay the mail send request on Email (customer registrations) generate the emails multiple times to any valid email id. Absence of rate limits can lead to the attacker flooding the application with spurious...