Bug Reports - Page 106 - Burp Suite User Forum

Lab: Arbitrary object injection in PHP in Information Disclosure is missing from "All Labs" section

Hi Team, The following lab "Lab: Arbitrary object injection in PHP" is missing from "All Labs" section. So the total number of labs are actually 175. Someone might miss out on this one. :) Thanks and Regards, Vinay

Project corruption

Every time i re-open already saved project burp says that the project file is corrupted and i have to repair that project to continue working. If i reopen the repaired project next time, burp again complains that the file...

v2020.8.1 struggles when started with another service listening on localhost:8080

If you start the new version of Burp with another service already listening on localhost:8080, the Burp Proxy screen will show Burp repeatedly attempting to start the service, resulting in an unselectable flickering entry in...

lab-web-cache-poisoning-with-an-unkeyed-header

Hello! I'm trying to complete the lab, but when I send the home page request adding the "X-Forwarded-Host: " header, the request is not completed....if I remove this header and just send the cache buster in the URL it works...

[bug] Burp in transparent proxy mode forwards request to wrong port when host in Host header is different from host in request

# Environment ## Configure system that will make request though Burp in transparent proxy mode. I've used Ubuntu 20.04 on VirtualBox with bridged adapter configured. Change default gateway of this system to system with...

Reflected XSS finding with Burp Repeater

Hello, I have discovered a potential XSS vulnerability and would like to receive feedback from more experienced people. Okay, here it is. With Burp Repeater I was able to inject XSS payloads and with "show response" the...

Burp Embedded Browser non-functional in Kali 2020.3

Downloaded a new Kali 2020.3 vmware image and tried to use burp embedded browser. It is not diplayed properly: https://imgur.com/fuudEMH.png' It doesn't matter if I install from APT, install from x64 Linux installer or...

Using Burp Suite Pro - Windows installer 64 bit - 2020.8 And can't update...

Hi, I've been using Burp for years, but lately, I'm unable to update the app from within and use de Bapp Store also. Burp is installed on a windows 64 host, worked great for years, all networks are open and good to go....

Embedded browser initialization failed

Hi I am having an issue with the Response/Render feature of the embedded browser. When I click on "Render" in the "Response" tab I receive the following message "Embedded browser initialization failed" I also ran...

Lab: Blind XXE with out-of-band interaction,

Link: https://portswigger.net/web-security/xxe/blind/lab-xxe-with-out-of-band-interaction I am trying to complete this lab and I an unsure what I am doing wrong. Any help would be greatly appreciated. I have tried may...

Lost communication with BurpSuite

We are facing an issue "Lost communication with BurpSuite" while scanning after couple of hours. (Persistent issue) Our setup is like, The Burp tooling is hosted in 1 azure VM and application is hosted on another azure...

bug for labs

1.login to your practice labs. 2.select the topic which you want to practice 3load the practice labs 4.view page source 5.you can find the topic of practice labs(ex:Information disclosure on debug page),see the releted...

HELP - Burp suite professional scanner freezes with one specific web application

Hi everybody!, so, I'd like to know if you guys can help us with this problem. We're currently using AWS instances to run Burp suite scans, it's been that way for months now, so far so good, however one day, we needed...

History window not opening again when closed manually

Hey, I'm using i3 as window manager. When the History Filter Popup is open (from Proxy | HTTP History) and closed via i3 shortcut, it can not be openend again. When just unfocusing it, it properly closes and can be opened...

Unable to import .PFX in Project Options

I have a client side certificate in ".cer" format it has no provate ekys. I wanted to use this certificate in burp tool for testing. I used the "Project Options > TLS > Client TLS Certificates " and then used the "Add"...

No response received from remote server.

Whenever i try academys web cache poison labs, i can't get any response when i change header. Nothing returns. If i try change headers like X-Host or X-Forwarded-Host i get "No response received from remote server." error....

CSRF Lab - browsers blocking now?

Hi, Possibly this lab doesn't work in up to date browsers any longer? https://portswigger.net/web-security/dom-based/controlling-the-web-message-source/lab-dom-xss-using-web-messages hax4cookies

lab not found and web security academy page not found

i cant open any page related to "web security academy" nither learning document or lab, it says page not found. please help.

Lab issue?

Hi, Having a great time working the labs here. I seem to have run across a weird issue with the following...

Render will not function....still. BurpSuite 2020.6 on Kali (latest)

Hello, I have tried running the installed .sh file as well as the JAR file to no avail. I have followed instruction as per https://forum.portswigger.net/thread/unable-to-render-response-e5d0b33eaa and this as well does...