Bug Reports - Page 132 - Burp Suite User Forum

Cookies set to a blank value

This issue occurs when running the scanner tool (I haven't tested on other tools), and if you have the setting to update the cookie jar from responses for the tool. If one of your responses contains an empty cookie (e.g....

Macro Cookie Handling - Project File

Hello, When in the macro editor and going to 'Configure Item', you can change the cookie handling behaviour of the macro. I have noticed that when un-ticking 'Add cookies received in responses to the session handling...

Burp Suite javax.net.ssl.SSLException: Tag mismatch!

I have Burp Suite Professional v1.7.22 running on macOS Sierra 10.12.4 with Java: 1.8.0_131-b11 And I'm getting an error trying to establish SSL connections: In the alerts tab: Proxy - javax.net.ssl.SSLException: Tag...

Session Validity Check

Hello, I have a couple of cases where I need two session handling rules: 1. One for logging in after deauth/logout 2. One for checking for 500 responses and reacting with a POST When I fire the request (causing...

SSL websocket connection on not standard port send to port 443

I'm trying to intercept secure websocket traffic of an application with burp. I've set up an invisible proxy listener on port 8081 (the port of the websocket server). The websocket upgrade request is captured correctly...

Invalid cert warnings with Chrome 64 on Ubuntu 16.04.03 with Burp version 1.7.32

I regenerated the Burp certificate, extracted it (cacert.der) from the above-mentioned chrome using "http://burp/cert", copied the cert to /usr/share/ca-certificates/extra, used openssl to translate the DER form to PEM form...

unreliable spelling of Authorization: Bearer in requests leaving the BURP proxy

My attempts to proxy a couple of requests to a test salesforce instance (get auth token from test.salesforce.com, post an action to csXX.salesforce.com with "Authorization: Bearer TOKEN") got "401 Authorization denied". I...

Memory Leak

Hello, I upgraded Burp today to 1.7.31 on a Kali Linux virtual machine, it runs for about 20 minutes, eats all the RAM, and falls over, even on a very simple site with no scanning (other than passive, and no static code...

Proxy connection closed

Hello I have problem using the proxy.Using kali linux I have set my btowser on 127.0.01:8080 like the default on my burpsuit The intercept is on.I tryed this on my virtual box kali and on my main os kali the burpsuit version...

Text highlighted ... in black

Suddenly today, when I click in any Burp window that shows text, the text gets "highlighted" in black. And it's black text. So I can't see anything. If I open a different tool in Burp, and then come back, the view is...

Burp Collaborator WAF triggering/not obeying options

Hey, I am currently using Burp to run an assessment on a website. They use Incapsula as a WAF, which is being triggered very frequently. At first I thought it might be related to spidering too fast, but I modified the...

Received Fatal Alert: Handshake_Failure

Hi, I am a Burp pro user. My Burp pro throws an error in web screen and Alert tab in the burp like the subject: Received Falat Alert: Handshake_Failure. Firstly, I need to tell you that I took the certificate from...

PortSwigger Certificate invalid

(I'm using macOS High Sierra 10.13.3 and Burp Suite Community Edition v1.7.32) I've followed the instructions to install the Burp Certificate...

IParameter Flags

The flag fields in IParameter are set to default visibility. I'm guessing they are intended to be public.

problem

"><a href="javascript:confirm%28 1%29">Clickme</a>

Burp import project

Thanks for the new "Burp import project" feature. Burp requires that you have a disk-based project to be able to import projects after opening Burp. So if you have a temporary project then you cannot import. When you...

Scanner Issue Activity import project

When importing a project the scanner issue activity remained empty, no issues were imported. However, when opening the same project normally (during start up of Burp), all of the issues populated the scanner issue...

Not able to upgrade the Burp Suite from v1.7.07 to 1.7.30

I have Burp Suite of version v1.7.07 installed on machine now wanted to upgrade it to the latest version 1.7.30 I clicked on 'Update Now' button, downloading is completed till 100% but nothing will happen then. Please...

Excluded scanner issue still showing up in report

Using 1.7.30 Minor thing here... I excluded a bunch of individual scan issues and ran a scan. In the final results, I still had "Python code injection" showing up in the results of issue types, even though it was excluded.

Intruder not starting a saved attack

Hi All I have been running an intruder attack and saving periodically and restarting without issues. However following a necessary save, reboot and resume i have been unable to get intruder to successfully open the saved...