Burp Suite User Forum

Embebbed Browser not work on Kali Linux

Hi The embebbed browser not work on Kali Linux, I test with health embebbed browser: Aborting checks due to errors. Unable to start...

Last updated: Apr 03, 2020 05:52PM UTC | 3 Agent replies | 3 Community replies | Bug Reports

LAB: SQL injection attack, querying the database type and version on MySQL and Microsoft

There's a bug in the solution (at least trying it out with latest chrome): # is understood as a url delimiter for anchor. It needs to be escaped. A correct solution is: ' UNION SELECT @@version, NULL%23

Last updated: Apr 03, 2020 10:54AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Images not available on the Support website

Hi The images are not available on the Support website. E.g. while visiting https://portswigger.net/support/using-burp-to-exploit-sql-injection-vulnerabilities-the-union-operator there are no images available. E.g. the...

Last updated: Apr 03, 2020 10:44AM UTC | 2 Agent replies | 0 Community replies | Bug Reports

Web Security Academy OS Command Injection, Simple Case

I've been trying to do this one (Web Security Academy OS Command Injection, Simple Case) but nothing seems to work. I even used the proposed solution and it didn't work at all so my suspicion is that the challenge is broken.

Last updated: Apr 03, 2020 08:38AM UTC | 4 Agent replies | 4 Community replies | Bug Reports

Found a wrong instruction

The bug was found in "Lab: Reflected XSS into HTML context with most tags and attributes blocked". The solution indicates that '"Visit the XSS cheat sheet and click "copy events to clipboard"'. I think it should be...

Last updated: Apr 03, 2020 07:14AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Found a wrong instruction

The bug was found in "Lab: Reflected XSS into HTML context with most tags and attributes blocked". The solution indicates that '"Visit the XSS cheat sheet and click "copy events to clipboard"'. I think it should be...

Last updated: Apr 02, 2020 11:20AM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Pasting a text buffer with equal signs in a Repeater's body parameter's value creates unexpected parameters

Adding a multiline buffer <a href=”javascript:alert(0)”>ClickMe</a> to a body parameter split the value by the equal sign and created two more parameters. In addition, I would not expect the edit mode to suddenly turn the...

Last updated: Apr 02, 2020 07:19AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

CPU and RAM in 2020.2.1 on Windows 10

Hello, Since upgrading to the new way of scanning I've had lots of issues with resource. I was hoping the current upgrade might have fixed it, but it's just getting worse. I only have a few extensions enabled with I've...

Last updated: Apr 02, 2020 07:01AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Could not start Burp: java.lang.ExceptionInInitializerError

When attempting to install burp for mac, the image mounts but when double clicking to install, it just wont install. Then attempted to use the JAR version and getting the error: Could not start Burp:...

Last updated: Apr 01, 2020 01:09PM UTC | 4 Agent replies | 4 Community replies | Bug Reports

Burp Suite 2.0 doesn't play well with Google Drive File Stream

I've had issues with Burp and GDrive File Stream on Windows 10 (fresh install). Specifically, automatic backups fail and the explicit saving of a project in the GDrive location (G:/ by default) results in the following...

Last updated: Apr 01, 2020 10:44AM UTC | 3 Agent replies | 3 Community replies | Bug Reports

BURP Pro v2020.2.1 burns CPU and memory without doing anything when in the Scan mode

Once it reaches the 64MB disk space, 131MB memory and 410MB temporary disk space usage, BURP occupies 780M memory according to MacOS Activity Monitor, keeping the fans on for hours with no additional updates in the requests...

Last updated: Apr 01, 2020 07:54AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Solution for "Lab: SSRF with blacklist-based input filter

Hello, the intended solution of this lab doesn't seem to work. After some testing I couldn't find a way to "enter" the admin area. "Encoding" the IP address works fine, but enter "admin" doesn't work at all. I tried...

Last updated: Mar 31, 2020 12:14PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Burp proxy incompatibility with 'deliver exploit to victim' labs

I've tried several of the CORS, DOM-based vulnerabilities and Web Cache Poisoning labs that require you to click the 'Deliver exploit to victim' in the Exploit server but has never worked when in Firefox v74.0 while proxying...

Last updated: Mar 30, 2020 02:29PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

when Load server academy stuck on my iframe ;(

when I enter the iframe body and then position the file "/" I cannot enter the server academy. this make me cannot use server academy.

Last updated: Mar 30, 2020 10:29AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Binary data encode to base64 give wrong result in 2020.2.1 version

The last working version is 2.1.07. Later version when encode binary data to base64 it always gave wrong result when compare with 2.1.07. This request I take from HTTP Proxy History For example here is msgpack encode...

Last updated: Mar 30, 2020 10:09AM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Burp Pro 2020.2.1 Crawler Not Finding Resource

Hello, I'm trying to troubleshoot an issue with Burp Suite Professional's crawler and "Live passive crawl from Proxy" with Burp Suite Professional 2020.2.1. The following request is not being discovered and added to...

Last updated: Mar 30, 2020 09:19AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Solution for "Lab: SSRF with blacklist-based input filter

Hello, the intended solution of this lab doesn't seem to work. After some testing I couldn't find a way to "enter" the admin area. "Encoding" the IP address works fine, but enter "admin" doesn't work at all. I tried...

Last updated: Mar 30, 2020 08:35AM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Embebbed Browser

Hi, The embebbed browser never work for my. I'm use Kali last version. I check with Embebbed browser health cheack, and report this: Aborting checks due to errors. Unable to start...

Last updated: Mar 30, 2020 07:44AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp Suite Professional 2020.2.1 - Paused Scans

Hello, Running Burp Suite Professional 2020.2.1 on Kali Linux 2020.1. I noticed a potential bug. I've got a scan running with the built in "Never stop audit due to application errors" configuration, and noticed that it...

Last updated: Mar 30, 2020 07:04AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

when Load server academy stuck on my iframe ;(

when I enter the iframe body and then position the file "/" I cannot enter the server academy. this make me cannot use server academy.

Last updated: Mar 28, 2020 10:39PM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Page 1 of 45

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image