Bug Reports - Page 108 - Burp Suite User Forum

Burp proxy incompatibility with 'deliver exploit to victim' labs

I've tried several of the CORS, DOM-based vulnerabilities and Web Cache Poisoning labs that require you to click the 'Deliver exploit to victim' in the Exploit server but has never worked when in Firefox v74.0 while proxying...

Burp Suite Professinal is crashing on MacOS

Since version 2020_6 Burp Suite Professinal is crashing on MacOS 10.13.6 . The crash happens mostly after some period of inactivity.

The client failed to negotiate a TLS connection to portswigger.net:443: Remote host terminated the handshake

Working with some mobile app validation and running into the subject's issue. Followed some additional forum post help posts and seeing the same issue when trying to access https://portswigger.net. Mac OS 10.15.6 Burp...

Burp Suite Enterprise - GraphQL error: Unexpected GraphQL error

Portswigger Support, I recently integrated LDAP authentication in Burp Suite Enterprise. I created a new Active Directory security group and successfully was able to login to the application with a domain joined...

Pretty-printing isn't enabled for SVG responses

SVG images are XML documents. However, Burp Pro 2020.7 doesn't allow to pretty-print SVG images, even if pretty-printing XML is possible. Not sure if the detection is based on the Content-Type, but here are my...

Solution not showing

I am trying to view the solution to labs and the button is not working on the website.

Unable to access

I am unable to access the solution tab in the labs.

Active scanner Issues

During my last scan, Some of the issues were no showing up on the dashboard. The Audit under the "tasks" tab I had only one low issue. However when going to "View details" -> "Audit Items" then 2 issues were shown, 1 low and...

Academy reflected xss lab not working

I ma trying to complete this lab: https://portswigger.net/web-security/cross-site-scripting/exploiting/lab-stealing-cookies I don't have burp professional so I instead use: https://webhook.site/ to send the user cookie...

Burp Suite Professional 2020.7 macOS Mojave 10.14.6 (18G6020) Crashing

Burp worked fine for a few days at first now it crashes every time I try to run the program. I have tried rebooting, uninstalling and reinstalling but the same problem persists and cannot even use Burp anymore. Crash report...

warning messages being displayed when scanning the already crawled pages

we are using burp professional. Hi we logged in to our web application and crawled through our application and then spidering and scanning the host. We are getting nearly 2000 warning message as below. "Scanner:...

Exploiting PHP deserialization with a pre-built gadget chain payload

Cookie: session=<?php echo $payload = urlencode('{"token":"'...

No more activation allowed for this license

I INSTALLED NEW OS I'm facing the issue of "No more activation allowed for this license"

After Update: Unable to Capture HTTPS traffic

Hi, Yesterday I have update my Burp Professional to v2020.6. It is throwing error for all HTTPs sites. "The client failed to negotiate a TLS connection to www.xxx.com:received fatal error certificate unknown. OS:...

Burp Suite Professional v2020.6 - CSRF PoC Generator "Test in browser" incorrect URL

Hello, When generating a CSRF PoC and using the "Test in browser" feature, it gives the following URL: - http://burpsuite/show/... However that URL is incorrect, the correct URL is: - http://burp/show/... Thanks.

Active Scan insertion point types & other bugs

I found some issues with the insertion point types setting for active scans. It behaves weirdly and it seems like it has some bugs. 1. Setup: -I used Logger++ to see what is happening -I intercepted a request from the...

Burp Suite Pro v2020.6 Trial: Getting 'Paused due to error: Could not connect to any seed URLs'

Hi, I am trialing Burp Suite Pro v2020.6. I am pointing the GUI to an application URL which is publically available, running on AWS. When I kick off the audit and scan, it starts, then stops quickly with 'Paused due to...

Unable to enable https

Hi team, I try to upload the company's ssl cert to enable the https feature but got an error after I upload the cert and click on green check icon, the error message I got is "Failed to update Web Server settings", I...

IMessageEditor does not show markers

When I set up a marked request or response for a IMessageEditor instance, it does not appear to be honored. The editor loads the message okay, but there aren't any markers on it. So if I do something like this: int[]...

License problems

1)We buy new license for our burp enterprise server 2)Import license - success 3)Update server from update page (we dont update old server for few month) - license become status "Requires activation" 4)If we try update...