Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

There's something wrong with lab "Targeted web cache poisoning using an unknown header"

Hello, Multiple times I've tried to complete this but it breaks. Sometimes when I try to open this lab, I get a 504 error saying no response. When I do get in, when I get to the step to add "X-Host: example.com", when I...

Last updated: Jul 26, 2024 08:38PM UTC | 0 Agent replies | 0 Community replies | Bug Reports

CSRF Labs Broken?

Hi, Is it possible the CSRF labs are broken? I have attempted the following: - https://portswigger.net/web-security/csrf/lab-no-defenses -...

Last updated: Jul 26, 2024 06:48PM UTC | 2 Agent replies | 5 Community replies | Bug Reports

Burp browser is crashing

Hi Team, I am using burp professional version 2024.5.5 and the browser is continuously crashing. Could you please help me here. Thanks

Last updated: Jul 26, 2024 07:15AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

All Labs very slow today

Hi, Are you having some issue today ? I've tried a lot of labs and each of them are incredibly slow to respond.

Last updated: Jul 26, 2024 07:10AM UTC | 7 Agent replies | 16 Community replies | Bug Reports

solved labs status not updated

hello , I have been using your website in the last few months and i haven't encountered a similar problem until the past couple of weeks .When I solve a lab , it takes a long period of time to update the status to "lab...

Last updated: Jul 26, 2024 06:56AM UTC | 3 Agent replies | 2 Community replies | Bug Reports

No more activations allowed for this license

Unfortunately I have had to reinstall my machine and now when I try to install burp suite, I get the error "No more activations allowed for this license" How can i fix it? licensed to talos

Last updated: Jul 25, 2024 03:39PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Faulty Lab: "CORS vulnerability with trusted insecure protocols"

Hi, maybe there is bug inside the laboratory "CORS vulnerability with trusted insecure protocols". The following exploit script works with Burp's Chrome: <script> document.location =...

Last updated: Jul 25, 2024 10:52AM UTC | 14 Agent replies | 17 Community replies | Bug Reports

OAuth account hijacking via redirect_uri

I am working on the following lab: https://portswigger.net/web-security/oauth/lab-oauth-account-hijacking-via-redirect-uri I have followed the solution instructions. PoC: <iframe...

Last updated: Jul 25, 2024 08:41AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Issues on the proposed solution to Lab: OAuth account hijacking via redirect_uri

We tried to solve https://portswigger.net/web-security/oauth/lab-oauth-account-hijacking-via-redirect-uri using the proposed solution. In particular, to steal the authorization code, such solution specifies to have the...

Last updated: Jul 25, 2024 08:39AM UTC | 6 Agent replies | 6 Community replies | Bug Reports

Lab: OAuth account hijacking via redirect_uri: SessionNotFound

Hi, In the lab titled "Lab: OAuth account hijacking via redirect_uri", I am unable to view the exploit when using the iframe payload on the exploit server. Instead, I get the error below inside the...

Last updated: Jul 25, 2024 08:06AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Labs: Web cache poisoning not solved

I can successfully exploit myself but non of the labs get marked as solved. I've tried the first three web cache poisoning labs.

Last updated: Jul 25, 2024 08:02AM UTC | 6 Agent replies | 9 Community replies | Bug Reports

Lab: Exploiting cross-site scripting to capture passwords problems

Hi, The provided solution will trigger DNS requests that my collaborator sees. However, the lab will not trigger the HTTP request. I have confirmed that the collaborator will see http requests when I test the collaborator...

Last updated: Jul 25, 2024 07:37AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

CSRF lab issues

Seems like there are some issues with the CSRF labs. I've tried using a variety of solutions for most of the day now and none of them seem to be working (or the first five I've tried anyway). The exploit server simply goes...

Last updated: Jul 24, 2024 04:27PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

I am getting the below Java Stackoverflow error when running the latest Burp Proxy jar file with OpwnJDK 20.0.1 and 20.0.2, with or without extensions

C:\Software\Sectools\Appsec>c:\openjdk-22.0.2\bin\java -Xmx24576M -jar burpsuite_pro_v2024.6.3.jar java.lang.StackOverflowError at java.desktop/javax.swing.text.View.getViewFactory(View.java:1028) at...

Last updated: Jul 24, 2024 09:48AM UTC | 3 Agent replies | 4 Community replies | Bug Reports

Network error on websites login with burp proxy on

can someone help, anytime i try to log in a website, it keep giving me network error. when i turn off the burp proxy it works smoothly. these website were previously working with burp proxy but since today, it just gives...

Last updated: Jul 24, 2024 09:02AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Repeater's "Request" section is narrow when Burp Suite starts

Every time I start up Burp Suite and go to the Repeater tool, any existing Repeater tabs (either the default empty one when starting the new project, or any tabs loaded from an existing project) will have the "Request"...

Last updated: Jul 24, 2024 08:43AM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Availability- The website is too slow now a days

Dear Portswigger Team, I hope this letter finds you well. I am writing to express my frustration and disappointment regarding the current performance issues with the Portswigger website and Portswigger Academy labs. As...

Last updated: Jul 24, 2024 07:40AM UTC | 18 Agent replies | 33 Community replies | Bug Reports

SameSite Lax bypass via method override Lab Broken

This lab is broken, when sending the payload to the victim (the correct one listed in the solution and with a different mail) the victim simply does not visit it as you can see in the access log as I don't see an IP address...

Last updated: Jul 24, 2024 07:36AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

BSCP certification results mail

Hello i passed the BSCP exam around 2 days ago (more than 48 hours) however i havent received any mail with the results. In my-account page i can see status completed. Can i please get an email with the results :)

Last updated: Jul 24, 2024 07:35AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

solved lab is showing not solved

I done the lab of Cross-site scripting (Stored XSS lab) when I finished it, its show me not sloved.Please slove the problem.

Last updated: Jul 24, 2024 07:31AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

1
2 3 4 5

Page 1 of 148

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image