Bug Reports - Page 105 - Burp Suite User Forum

Scanner does not work through upstream proxy

In Burp 2020.9 and 2020.9.1, Scanner times out when going through an upstream proxy with NTLM auth. 2020.2 is not having this issue.

Blind SQL injection with conditional responses - on WebSecurity Academy

The page on this lab always showing "Welcome back!" whether there is correct SQLi query or not even without using SQLi on the TrackingId cookies. It's hard to find the answer for this lab. Thank you. Best...

Unicode Normalization Bug

During one of the pentests I was attempting to test for the Hostsplit unicode normalization vulnerability by tampering with the host header. More details about this vulnerability can be found...

Lab: Reflected XSS into HTML context with all tags blocked except custom ones lab is not working

hey i have been doing some labs but i got to notice that the above content lab is passing the payload even i get a xss pop up but still says lab not solved i have done refreshing the page and also i have tried it on the...

Burpsuite does accept external connections on Mac OSX Catalina

I have burp running on the mac osx catalina and listening on all interfaces. in the mac osx firewall the burpsuite and java are allowed to accept incomming connections but the burp suite doesnt receive any traffic from the...

Burp Profession V2020.9.1 is eating CPU and Memory

My burp profession v2020.9.1 is consuming cpu and memory usage and it is just opening. It is eating 5GB of my laptop memory constantly.

Burp licence activation failed on reinstalled windows workstations after upgraded

Could you please help to reactivate the two burp licenses under my account. Since after windows upgraded, our burp licenses have been lost and need to reactivate however all the burp licenses cannot be used when I try...

Receiving error on accessing websites via Burpsuite Community 2020.9

I'm getting the following errors when attempting to use Burp to analyse web traffic.I am using embedded browser to access websites. 1599157875112 Error Proxy [54] The client failed to negotiate a TLS connection to...

Facing Issues while Site scanning

I have Burp suite enterprise edition installed. I am Getting "Waiting for agent" error while any site scanning If I go to agents section I can see below error "An unexpected error occurred. If this problem persists,...

Critical Service Issue : External Service Interaction(DNS)

When we run Burp Scan to Our Xactly product, we are seeing a Critical issue related to "External Service Interaction(DNS)" is shown in scan reports. We tried to fix the issue in multiple ways and didn't help. I have the...

Active Scanning Using Default Collaborator Server Spoofing Instead of Private Collaborator Server

Under Project Options, I have "Use a private Collaborator server" selected with the name of an external Ubuntu 16.04LTS host that has Burp Collaborator Server running on it. However, when I dig through the results from...

Lab - Exploiting XSS to perform CSRF

Hello! I'm trying out this lab and, after submitting the payload to the comment section, the lab does not solve at all. I have confirmed that the payload works by accessing myself the forum and i see that the...

Audit Item Status shows " Error Request time out and Unknown Errors "

Hi, While using the Active scan & Crawl Audit scan against my Webserver. Scan is not able to completed it. * I could see " skipping Current Insertion point due to many consecutive un known errors. * For few...

Intruder marks are shifted

Dear PS team, I'm using Burp on MacBook Pro via Fusion VM - standard version with no strange configuration. I've found annoying Burp behaviour when im in Intruder - every positions marks made by Burp or by me are shifted...

BurpSuite => Mobile App TLS Connection Problem

Hello, I have been getting a TLS connection error in the BurpSuite recently. I'm installing the "http://burp" Burp Certificate on mobile device. The certificate is running in the web browser. SSL OK. But, doesn't work...

SSL Handshake Error

With Burp, I am trying to view the following website - https://self-repair.mozilla.org/ but I am not able to proxy it via Firefox. The error received (in alerts) is - javax.net.ssl.SSLException: Received fatal alert:...

cross site script

I have scanned the application using Burp suite professional licensed version, where I have received the cross-site scripting please refer to the below issues description. The original request used a Content-type...

gzip in request

Im assessting a mobile application that sends HTTP requests compressed. I have activated the check "proxy>options>miscelaneous>unpack gzip/deflate requests". But, when the request is unpacked, the request has still the...

Unable to find Burpsuite JAR file

I have downloaded the brupsuite pro edition and i see it is a .sh file. I am trying to follow the procedure mentioned but i am unable to find the .JAR file which is being mentioned in the steps. I am running the latest...

Can't install / launch burpsuite pro on latest Kali

Hi. I am trying to install burpsuite pro 2020.8 on the latest Kali release. I've tried using openjdk-11 as well as openjdk-8 with both results. after running burpsuite_pro_linux_v2020_8.sh I can see a new window hoping which...