Bug Reports - Page 120 - Burp Suite User Forum

Issue Missing

Hi, I noticed that a particular Issue (HTTP Request Smuggling: CL.TE badwrap) generated by the HTTP Request Smuggler extension is reported in the dashboard but it does not appear in the Target > Issues Tab of the relative...

Target > Contents displays 304 response instead of 200

Hi, I detected an issue in the latest Burp version where even though Burp has the "200 Ok" response for certain requests (they can be found in proxy history and search functionality) the Contents section of Target displays...

Can you please reset the webpage for the DOM-Clobbering LAB?

Could you please reset the webpage for the following lab for my account? https://portswigger.net/web-security/dom-based/dom-clobbering/lab-dom-xss-exploiting-dom-clobbering I am out of possible comments on the page and...

[v2020.1+v2.1.07/macOS 10.15.3] Embedded browser health check failed

In both the latest v2020.1 version and in the previous 2.1.07 one, the embedded browser health check failed with the attached error: it looks like the libGLES/libEGL libraries are expected to be of some other size. Image...

URL scan with multiple options from Burp Plugin giving error

Hello Team, I am running scan of URL as mentioned below having multiple options from Jenkins using Burp Scan plugin. When I run the scan from Burp Enterprise it is getting triggered but when I run scan for same URL from...

Missing HTTP Message Display Fonts in v2020.1

Hi, I use Arial as well as few other fonts for HTTP Message Display Fonts (user options > display > http message display) . Version 1.7 has over 200 fonts available to chose from. I just upgrade to v2020.1 and there...

Never receive mail with download link

I, I've re-tried some times, but I never receive the mail with the download link for Burp Suite Trial Edition. My e-mail is : darkmatter.23@libero.it. Thank you very much!

Scan Configuration UI Fails to load after Burp Enterprise 2020.1 Upgrade

The scan configuration UI in Burp Enterprise 2020.1 fails to load. This is happening post upgrade {code: 1, error: "Problem retrieving scan config UI"} code: 1 error: "Problem retrieving scan config UI"

SmartCard Client SSL Certificate

Hi, we have an internal setup where we use SmartCards for Authentication. In Burp 1.7 this worked like a charm but somewhere after the 2.0 upgrade something broke. At the last step (where you enter your PIN code) the...

Issue with response from lab link

Hi, I am not getting any response back from one of the lab exercise link "https://acf11fe21f086c81803b383000780037.web-security-academy.net" when i am forwarding the intercepted traffic from burp back to this link. The...

Not able to log into certain websites while proxying through Burp

I've noticed on a number of engagements recently that I haven't been able to log in to certain sites (sensitive so unfortunately can't share). Generally if I click login nothing will happen. Browsing the rest of the site...

[v2020.1/macOS 10.15.3] "Convert selection" not working in read-only request/response panels

In the latest 2020.1 version running on macOS installed with the .dmg installer and/or updated with the updater, the "Convert selection" menu item will not let one convert the selection inside the read-only request/response...

Scan results are not displayed properly on browser: IE, Edge and Firefox

Hello Team, We have triggered scan from Burp Enterprise. On IE, Edge or Firefox browser when we click the 'Site' from Scan Dashboard it opens Scan details page. There the details are seen overlap on these browser. It...

Date Modified Timestamp On Windows

Hi, While using burp 1.7.37 on Windows I noticed that the "Date Modified" field is not being updated after closing Burp Suite. I use version control system to upload the latest version of burp file to a repository and it...

Dark Theme - Buttons in Burp Collaborator not "changing" / "switching" when clicked...

Love the dark theme, but I think it's missing a small component. When using the dark theme, in the Burp Collaborator Client, buttons do not switch or change when I click them (lighter or darker would be fine). Simply put,...

2020.1 New Editor Modifies Binary Data Unexpectedly

Hi, I noticed that editing a file upload request in repeater modifies the content of the file. To reproduce the issue, intercept a file upload and send to repeater. Then add a character in the editor and delete any...

Burp Suite Pro showing wrong time

Under HTTP history the time of all requests are one hour late from the actual time. From diagnostics I can see "user.timezone America/Sao_Paulo" which is right. I believe this is a bug related our summer time which has...

Lab: Exploiting HTTP request smuggling to bypass front-end security controls, TE.CL vulnerability

Lab doesn't seem to be working for me, even when I follow the solution. Getting timeout errors. This is what I'm trying to use, host url is correct, target is correct, update content length is not checkmarked, and keey...

Header information replaced in Proxy intercept but not in Target Scope

Hi I've set up an HTTP header replacement rule in Proxy > Options > Match and Replace and it works OK when looking at an intercepted request in the Proxy > Intercept > Raw window. However, when I forward the request and...

[webacademy] Bug in explanation of blind SQLi

There is a bug in section 'Exploiting blind SQL injection by triggering conditional responses', page https://portswigger.net/web-security/sql-injection/blind. Initial query is SELECT TrackingId FROM TrackedUsers WHERE...