Burp Suite User Forum

Create new post

Simple SQLi identification failed

Hi, I found a little lack in SQLi identification, trying Burp on OWASP Bricks (https://www.owasp.org/index.php/OWASP_Bricks). In details, using active scan on "Login #4" page, Burp fails to identify the following...

Last updated: Apr 06, 2016 08:31PM UTC | 0 Agent replies | 1 Community replies | Bug Reports

Scanner unpaused scan of app1 when actively scanning a single page on app2 (SSO)

Here's the environment: - app1.example.com (SSO enabled app #1) - app2-stage.example.com (SSO enabled app #2) Here's the user story: 1.) Tester spiders app1 without SSO auth 2.) Tester does active scan of app1...

Last updated: Apr 04, 2016 10:44AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Bug with Extender self._callbacks.makeHttpRequest ?

When I use self._callbacks.makeHttpRequest in my extension and the target server responds with an SSL error such as "SSL received a record that exceeded the maximum permissible length. (Error code:...

Last updated: Apr 01, 2016 02:27AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Burp triggers DNS queries despite using an upstream proxy

Hi, We are experiencing performance issues with Burp, with some web application pages taking over a minute to load. After investigation, we found out that Burp was issuing local DNS requests which could not be resolved...

Last updated: Mar 22, 2016 09:53AM UTC | 1 Agent replies | 5 Community replies | Bug Reports

burpsuite free crashes in kali linux

With the recent update in java, when i try to run burpsuite in kali linux 2.0, as soon as i try to use the application, burpsuite crashes. and the system crashes and logs me out. I have the following version of java in my...

Last updated: Mar 11, 2016 08:21PM UTC | 7 Agent replies | 11 Community replies | Bug Reports

Protocol and port missmatch in target - site map

Using burpsuite_pro_v1.6.39.jar (but had the problem in previous versions too) Brup Extender Plugins: Active Scan++, Error Message Checks, Java Deserialization Scanner, Software Version Reporter, Heartbleed I lately get...

Last updated: Mar 10, 2016 10:35AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp will not run if a directory within the path ends with an "!"

Burp will not run if a directory within the path ends with an "!". Burp was here: c:\!tools!\burp\burpsuite_pro_v1.6.38.jar. Moved the "burp" dir to the root directory and it runs fine. Tested by renaming the "burp" dir to...

Last updated: Mar 10, 2016 10:24AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

False positives due to non-encoded parameters

This is probably related to the new features implemented when http://blog.portswigger.net/2015/11/xss-in-hidden-input-fields.html was written. It seems to be that some new features of the active scanner are incorrectly...

Last updated: Mar 08, 2016 01:51PM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Filter window reopens right after closing by clicking on the filter bar since 1.6.37

Clicking on the filter bar in previous versions closed the filter window. In 1.6.37 and .38 it reopens it, and it only closes if the mouse clicks somewhere else in the main Burp window (outside the filter window). Here's a...

Last updated: Mar 03, 2016 10:12AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Display Bug after a weird HTTP Response

While testing an application, I got the following HTTP Response: HTTP/1.1 200 OK Date: Mon, 22 Feb 2016 15:52:27 GMT Expires: Mon, 22 Feb 2016 15:52:27 GMT Cache-Control: no-cache, private, no-store Content-Type:...

Last updated: Feb 23, 2016 09:44AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

burp 1.6.36 crashes window manager under GNU/Linux

Hi, since version 1.6.36 I encounter severe problems with burp. I'm running Debian GNU/Linux with awesome window manager. Before I start any Java application I follow advise on...

Last updated: Feb 23, 2016 03:09AM UTC | 1 Agent replies | 3 Community replies | Bug Reports

Burp pro won't start

I downloaded every version of burpsuite . But nothing starts on my system . Mine is 32 bit OS with JDK 1.7 and JRE7. 12 February 2016 Burp Suite Professional v1.6.37 - Shows invalid/ corrupt file 21 January 2016 Burp...

Last updated: Feb 19, 2016 10:52AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

collaborator issues

Hi, I have observed a glitch in collaborator's functionality. While (selectively) testing the persisten-xss module i have noticed the following payload being used: ...

Last updated: Feb 16, 2016 06:58AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

HTML rendering engine does not use upstream proxy configuration

When using Burp alongside an upstream proxy, rendering an HTTP response inside a response object will cause burp to fetch all page resources without going through the configured proxy. This can be pretty inconvenient...

Last updated: Feb 12, 2016 02:26PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

"Compare response" button causes Java errors, and sometimes doesn't render window

Using Java 1.8.0_66 on Mac OS X (fully patched and up to date for OS) I see Java exception when I click "Compare Response" on issues detected that have two requests. Sometimes the window renders as expected, sometimes it...

Last updated: Feb 10, 2016 03:32PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Crash when out of memory instead of error

When Burp runs out of memory, for example when restoring a large state, it just crashes, and the only way to close it is to kill the process. It should be doable to prevent this situation, and give an error like...

Last updated: Feb 02, 2016 12:05PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Multiple content types specified - false positive

Just ran into this (relatively minor) false positive. (Burp Pro 1.6.34) The report was issued over a a) Header: Content-Type: application/x-javascript and b) the string: '<meta http-equiv="Content-Type"...

Last updated: Jan 21, 2016 04:06PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

BurpSuite Pro crashes when using Grep feature in burp intruder after 1.6.33

After restoring a Burp Intruder attack from version =< 1.6.32, burp crashes if you try to use the Grep features in Intruder Options.

Last updated: Jan 21, 2016 01:28PM UTC | 2 Agent replies | 0 Community replies | Bug Reports

Collaborator issue

Hi I'm facing a permanent issue since collaborator has been implemented which is I never do heath check and get a positive result Here is screenshot of my situation...

Last updated: Jan 16, 2016 02:17PM UTC | 2 Agent replies | 0 Community replies | Bug Reports

Missing windows slider on Windows

Hi, when you are running Burp Suite on Windows, the windows slider is missing. It occurres when you have more items in a list view (i.e. in proxy tab) and you need to scroll down. Thank you.

Last updated: Jan 15, 2016 04:17PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Page 138 of 144

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image