Burp community forum

Burp proxy doesn't show responses with 1xx codes in HTTP history

On a recent engagement, we encountered an application that uses websockets. The application upgrades the connection post-login. For example, (borrowed from Wikipedia) GET /test HTTP/1.1 Host: server.example.com Upgrade:...

Last updated: Feb 20, 2020 07:33PM UTC | 1 Agent replies | 2 Community replies | Bug Reports

Soultion doesn't work in the lab.

Hi, you have a wonderful lab, but i had a problem with passing Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft I tried to get her two days, nothing came out and I looked at the...

Last updated: Feb 20, 2020 04:44PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

NTLM Authentication doesn't work

Hey all, I have been trying for days to get NTLM authentication to work with Burp. I've tried multiple browsers and find that Burp will not proxy NTLM requests at all. When authenticating manually through the browser I...

Last updated: Feb 20, 2020 04:05PM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Soultion doesn't work in the lab.

Hi, you have a wonderful lab, but i had a problem with passing Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft I tried to get her two days, nothing came out and I looked at the...

Last updated: Feb 20, 2020 12:48PM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Issue with Websockets

Hello,  May this message finds you well ! :)  I have an issue with Burpsuite Proffessional in regards to websocket traffic. Apparently I am able to view the traffic through developers console, but in Burpsuite the data...

Last updated: Feb 20, 2020 10:36AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Decoding doesn't work in read-only fields

In Burp v2020.1 you cannot convert (e.g. base64-decode) smth in the Proxy history (which is read only). When you selected the desired text and type Ctrl+Shift+B, the selection becomes slightly shorter (as if it was...

Last updated: Feb 19, 2020 03:04PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Issue Missing

Hi, I noticed that a particular Issue (HTTP Request Smuggling: CL.TE badwrap) generated by the HTTP Request Smuggler extension is reported in the dashboard but it does not appear in the Target > Issues Tab of the relative...

Last updated: Feb 19, 2020 01:48PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Target > Contents displays 304 response instead of 200

Hi, I detected an issue in the latest Burp version where even though Burp has the "200 Ok" response for certain requests (they can be found in proxy history and search functionality) the Contents section of Target displays...

Last updated: Feb 19, 2020 12:29PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp Suite consume all the Memory

Hello Team, I'm using Burp Suite Professional Version 2020.1. When I run Burp Suite, not able to crawl all the pages. It consumes full RAM and machine goes to hung state. We are facing this issue from Profession Version...

Last updated: Feb 18, 2020 02:47PM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Can you please reset the webpage for the DOM-Clobbering LAB?

Could you please reset the webpage for the following lab for my account? https://portswigger.net/web-security/dom-based/dom-clobbering/lab-dom-xss-exploiting-dom-clobbering I am out of possible comments on the page and...

Last updated: Feb 18, 2020 01:27PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

REST API. Get scan status after Burp restart: Task ID not found

Burp Suite Pro version: 2.1.05; Steps to reproduce: 1. Start Burp Suite Pro; 2. Launch new scan, using REST API, i.e. do HTTP POST scan configuration to http://127.0.0.1:1337/$apiKey/v0.1/scan; 3. Poll scan status...

Last updated: Feb 18, 2020 10:33AM UTC | 5 Agent replies | 4 Community replies | Bug Reports

[v2020.1+v2.1.07/macOS 10.15.3] Embedded browser health check failed

In both the latest v2020.1 version and in the previous 2.1.07 one, the embedded browser health check failed with the attached error: it looks like the libGLES/libEGL libraries are expected to be of some other size. Image...

Last updated: Feb 15, 2020 04:46AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

URL scan with multiple options from Burp Plugin giving error

Hello Team, I am running scan of URL as mentioned below having multiple options from Jenkins using Burp Scan plugin. When I run the scan from Burp Enterprise it is getting triggered but when I run scan for same URL from...

Last updated: Feb 14, 2020 09:16AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Missing HTTP Message Display Fonts in v2020.1

Hi, I use Arial as well as few other fonts for HTTP Message Display Fonts (user options > display > http message display) . Version 1.7 has over 200 fonts available to chose from. I just upgrade to v2020.1 and there...

Last updated: Feb 10, 2020 12:15PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Never receive mail with download link

I, I've re-tried some times, but I never receive the mail with the download link for Burp Suite Trial Edition. My e-mail is : darkmatter.23@libero.it. Thank you very much!

Last updated: Feb 10, 2020 10:51AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Scan Configuration UI Fails to load after Burp Enterprise 2020.1 Upgrade

The scan configuration UI in Burp Enterprise 2020.1 fails to load. This is happening post upgrade {code: 1, error: "Problem retrieving scan config UI"} code: 1 error: "Problem retrieving scan config UI"

Last updated: Feb 10, 2020 06:04AM UTC | 0 Agent replies | 0 Community replies | Bug Reports

gettin error code : SSL_ERROR_RX_RECORD_TOO_LONG

iam using firefox ,i changed proxy and imported CA certificate. when i try to intercept iam getting error message Secure Connection Failed An error occurred during a connection to www.google.com. SSL received a record...

Last updated: Feb 09, 2020 01:51PM UTC | 11 Agent replies | 33 Community replies | Bug Reports

SmartCard Client SSL Certificate

Hi, we have an internal setup where we use SmartCards for Authentication. In Burp 1.7 this worked like a charm but somewhere after the 2.0 upgrade something broke. At the last step (where you enter your PIN code) the...

Last updated: Feb 06, 2020 05:06PM UTC | 4 Agent replies | 3 Community replies | Bug Reports

Issue with response from lab link

Hi, I am not getting any response back from one of the lab exercise link "https://acf11fe21f086c81803b383000780037.web-security-academy.net" when i am forwarding the intercepted traffic from burp back to this link. The...

Last updated: Feb 06, 2020 03:59PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

iOS 13 + Burp SSL Certs Not Able to be Fully Trusted

I've followed the appropriate steps to fully trust the burp cert, but as of iOS 13 this does not work and HTTPS requests fail. Looking at iOS 13 release notes, I found this: https://support.apple.com/en-us/HT210176 -- I...

Last updated: Feb 06, 2020 09:26AM UTC | 9 Agent replies | 11 Community replies | Bug Reports

Page 1 of 42