Burp Suite User Forum

Create new post

Issue Definitions

Hi, Below page contains a list of issue that Burp Suite can report. https://portswigger.net/kb/issues It will be really helpful if it can hint about the cause and possible fix for it. We really don't have idea what is...

Last updated: Mar 27, 2018 03:52PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Scanner do not resume

Hello, During an active scan I canceled some items and paused the scan (or the opposite, I don't recall the exact sequence). The results was when I tried to resume the scan, the items I wanted to scan stayed in "waiting"...

Last updated: Mar 27, 2018 07:02AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

What is abuse of functionality reported by Burp suite

Our security team has reported something called [What is abuse of functionality], by which the user entry can be altered to some other value, even though we have validation for it. Lets say, one can choose max next 30 days...

Last updated: Mar 26, 2018 07:18AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

skip server-side injection not preventing requests

Adding an entry to "Skip server-side injection..." in the Scanner Options does not prevent that (for instance) parameter from being actively tested, i.e. making requests with payloads on that parameter. I need to add the...

Last updated: Mar 23, 2018 02:12PM UTC | 3 Agent replies | 3 Community replies | Bug Reports

Cookies not updated for proxy anymore

Hello, Session handling rules/Rule Actions: Use cookies from the session handling cookie jar with Proxy set as the scope does not work anymore. It used to work in previous versions. It was one of most important feature...

Last updated: Mar 19, 2018 10:22AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Automatic backup failed

Get this message: https://i.imgur.com/XDPPoHl.png Burp Suite Professional 1.7.32. Not sure if there are any error logs I could look at anywhere?

Last updated: Mar 16, 2018 11:15AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Duplicate entries for single project in disk project list

I noticed this weird behavior when I named one like "thatProject" with a mix of upper and lower letters now it always show as duplicate entries in projects list like: "ThatProject" "/path/ThatProject.burp" ...

Last updated: Mar 16, 2018 03:26AM UTC | 4 Agent replies | 4 Community replies | Bug Reports

Proxy dont record some of the requets

Hi, I use the proxy to capture the request i made to my api. Some of the requests are not captured by the proxy (mostly PUT and DELETE) any idea why?

Last updated: Mar 14, 2018 02:23PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

The value of toolFlag transforms from TOOL_EXTENDER to TOOL_SCANNER

Since version 1.7.32 of BurpSuite, when a Burp Extender sends HTTP requests using IBurpExtenderCallbacks#makeHttpRequest while active scanning, IHttpListener#processHttpMessage sets IBurpExtenderCallbacks#TOOL_SCANNER to the...

Last updated: Mar 13, 2018 09:01AM UTC | 5 Agent replies | 3 Community replies | Bug Reports

Downloading updates via the BURP scanner tool

To Whom this May Concern, I am attempting to download newer versions of the tool via the update prompt that comes up in the tool. When I click to download the installer it appears to be downloading and gets to...

Last updated: Mar 11, 2018 06:44AM UTC | 3 Agent replies | 5 Community replies | Bug Reports

Cookies set to a blank value

This issue occurs when running the scanner tool (I haven't tested on other tools), and if you have the setting to update the cookie jar from responses for the tool. If one of your responses contains an empty cookie (e.g....

Last updated: Mar 08, 2018 04:04PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Macro Cookie Handling - Project File

Hello, When in the macro editor and going to 'Configure Item', you can change the cookie handling behaviour of the macro. I have noticed that when un-ticking 'Add cookies received in responses to the session handling...

Last updated: Mar 08, 2018 03:16PM UTC | 4 Agent replies | 3 Community replies | Bug Reports

Burp Suite javax.net.ssl.SSLException: Tag mismatch!

I have Burp Suite Professional v1.7.22 running on macOS Sierra 10.12.4 with Java: 1.8.0_131-b11 And I'm getting an error trying to establish SSL connections: In the alerts tab: Proxy - javax.net.ssl.SSLException: Tag...

Last updated: Mar 05, 2018 07:18AM UTC | 2 Agent replies | 3 Community replies | Bug Reports

Session Validity Check

Hello, I have a couple of cases where I need two session handling rules: 1. One for logging in after deauth/logout 2. One for checking for 500 responses and reacting with a POST When I fire the request (causing...

Last updated: Mar 02, 2018 12:38PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

SSL websocket connection on not standard port send to port 443

I'm trying to intercept secure websocket traffic of an application with burp. I've set up an invisible proxy listener on port 8081 (the port of the websocket server). The websocket upgrade request is captured correctly...

Last updated: Feb 26, 2018 10:17AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Invalid cert warnings with Chrome 64 on Ubuntu 16.04.03 with Burp version 1.7.32

I regenerated the Burp certificate, extracted it (cacert.der) from the above-mentioned chrome using "http://burp/cert", copied the cert to /usr/share/ca-certificates/extra, used openssl to translate the DER form to PEM form...

Last updated: Feb 22, 2018 03:50PM UTC | 2 Agent replies | 2 Community replies | Bug Reports

unreliable spelling of Authorization: Bearer in requests leaving the BURP proxy

My attempts to proxy a couple of requests to a test salesforce instance (get auth token from test.salesforce.com, post an action to csXX.salesforce.com with "Authorization: Bearer TOKEN") got "401 Authorization denied". I...

Last updated: Feb 21, 2018 10:05AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Memory Leak

Hello, I upgraded Burp today to 1.7.31 on a Kali Linux virtual machine, it runs for about 20 minutes, eats all the RAM, and falls over, even on a very simple site with no scanning (other than passive, and no static code...

Last updated: Feb 19, 2018 02:45PM UTC | 3 Agent replies | 3 Community replies | Bug Reports

Proxy connection closed

Hello I have problem using the proxy.Using kali linux I have set my btowser on 127.0.01:8080 like the default on my burpsuit The intercept is on.I tryed this on my virtual box kali and on my main os kali the burpsuit version...

Last updated: Feb 17, 2018 08:26AM UTC | 3 Agent replies | 5 Community replies | Bug Reports

Text highlighted ... in black

Suddenly today, when I click in any Burp window that shows text, the text gets "highlighted" in black. And it's black text. So I can't see anything. If I open a different tool in Burp, and then come back, the view is...

Last updated: Feb 15, 2018 02:03PM UTC | 6 Agent replies | 8 Community replies | Bug Reports

Page 129 of 146

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image