Bug Reports - Page 14 - Burp Suite User Forum

Burp UI Issue

Hi, I freshly installed Burp Community Version on Kali Linux on an M1 Pro Mac with VMWare Fusion. The issue I am facing is that the UI is very glitchy and almost unusable. I am using java-17-openjdk-arm64 and...

Montoya sendToIntruder requires insertion points to be in size order

Hi, When creating custom insertion points, if they are not in size order the API throws an IllegalArgumentException: Invalid custom payload positions. To replicate this: Create a list of Ranges and add the...

Burp Suite Professional Installer hangs - no UI

Hi folks, I'm trying to upgrade Burp Suite Professional to the version in burpsuite_pro_macos_v2021_10.dmg, but the installer doesn't work. Specifically: 1) It displays a splash screen titled Burp Suite installation...

Learning path "Server-side vulnerabilities" was reseted

I just ended new APPRENTICE thing "Server-side vulnerabilities". And now all progress lost when I check it in my profile

Files get corrupted when using "Paste from File"

In Burp Repeater, if I open a blank repeater tab and use "Paste from File", the file gets corrupted if there are two new lines in a row anywhere above the file. To demonstrate: - Open a new tab and right click "Paste from...

Copy and Paste within burpsuite

I am having issues copying and pasting within burpsuite, specifically from decorder over to the proxy section. I am doing labs on hack the box and something that should be so simple is not working. I checked the settings and...

CA CERTIFICATE

I can download ca certificate, but its size is zero kilobytes. What is the problem? Thanks for the quick help.

Lab not marked as solved

So I successfully solved the "CSRF vulnerability with no defenses" lab and tested my solution and it works. However, whenever I deliver expoit to user I don't get that the lab is solved. Can you please help me with this...

WOFF not recognized as a Content Type

Most of the times that I see the "Content type incorrectly stated" issue these days it is related to WOFF (Web Open Font Format). This is the issue text: "The response states that the content type is...

Unable to quit Burp after undocking Proxy tab

I detached the Proxy tab and quit Burp and it saved that way. I want to change it back ... now if I re-attach the tab or use view -> restore default tab layout and try to quit, nothing happens. If I force quit, the tab...

Report bug in Authentication 2FA simple bypass lab

After entering the username and password on the 'my account' page close the lab tab without entering the 4-Digit security code. Then access the lab again, and go to the 'my account' page LAB SOLVED.

automatic addition of the \r character when copy a newline character (\n)

I hope this message finds you well. I'm currently experiencing a peculiar issue with Burp Suite that I would like to address. When I copy a newline character (\n) and then paste it into a text field, Burp Suite automatically...

Burp labs reporting error "Could not create new HTTP/2 connection" when trying to connect

I'm trying to connect to the site to solve the lab but it returns that error. I've tried reimporting the certificate, resetting the proxy options and reinstalling my Kali VM. The proxy connection works because it loads the...

unusable interface issue

Image previw: https://imgur.com/61GYvxV I just launched Burp and have no idea why it looks like this, I tried reinstalling it and it is the same thing. display settings: res: 1920x1080 dpi: 96

Intruder never starts with from given didget

For example if you chose numbers and you start from 0000 to 9999 (10.000 options) it will not try to brute force the endpoint $0000$ from 0001 to 9999 instead it will scan from 1 to 9999 Is this a bug or is there a way...

Notes feature is missing from Repeater

I am unable to find the notes feature in the repeater tab in version 2023.10.1.2. Can you please help in finding it? I think either it has been removed from the mentioned release or there is some bug due to which its not...

Burp with Azure iotedge

I tried to use Burp with an Azure IOT edge client. It's a special kind of software that is for example installed on a VM that should talk to Azure. Of course it talks HTTP/HTTPS and even supports proxying. However, I...

Filter by search terms broken when using nonascii characters

Hi, We live in Romania and when working in our native language we are also using non-ASCII characters: ăîâșț. I noticed that if I use these in a website proxied through Burp the filter does not find this characters....

With valid payload unable to complete the lab

Hi Team, I am working on following lab," DOM XSS in jQuery anchor href attribute sink using location.search source". I was able to use following payloads, and popup is seen, but lab status is still not solved. Some...

Lab not working

Hi Team, The NoSQL injection bypass authentication lab is not working properly. I am able to login to wiener account with the NoSQL injection but not the administrator. I guess the administrator user was not added to the...