Bug Reports - Page 145 - Burp Suite User Forum

Version burpsuite_pro_v1.7.15 (OSX) is crashing when trying to start

While trying to start, the burp window opens but closes just after the screen refresh. It is strange because the JVM don't crash. The worst part is, I can not use the older version to reopen the project as now burps...

Viewing aspx extensions

Hi, When using Burp Suite Pro I've come across a problem where the response tabs are unable to display the raw response from aspx file extensions. When copying the raw response into both classic Notepad and Notepad++...

Cancelling a repeater request looses history

In the repeater, if a request is timing out and it is cancelled then the history is lost, i.e. the arrows stop working and you can't see other requests. Done it for me a few times on current test so very repeatable.

Mouse events ignored in filter text boxes

In some text inputs like the filters (by search term, by file extension: show/hide) in both the Target and Proxy tab seem to update the internals only when there's a keystroke event fired in them (the user either deletes or...

Java crypto policy files overwritten on upgrade

I'm testing a site which requires the alternative Java crypto policy files, I put them in place but after a Burp upgrade they were put back to the original ones. Left me confused as to why I could no longer access the...

Cacheable responses

HTTP, not just HTTPS responses obey the cache control headers, yes? So, shouldn't the finding for 'https://portswigger.net/KnowledgeBase/issues/Details/00700100_CacheableHTTPSresponse' be more generic. I noted in a...

Burp not working correctly if WAF uses connection reset

Hi, I am currently expecting a strange issue with Burp, which affects the active scanner. I have used the active scanner against a web application which is protected by some kind of WAF. The WAF works like this: if the...

Burp Project looses data

So this problem can cause loss of data in already saved project? Because is what happened to me unfortunately. Also, you know on which OS this problem can occur?

Missing Directory Listing vulnerability

Hello, In a recent engagement I found page that indeed there is directory listing but burp cannot identify it in any way. The source page also contains the string "Directory Listing For /....". I have run active and...

Burp Suite SSL Certificate Error (peer not authenticated)

Hi, We have encounter wired error while intercepting an application with SSL. 1480321180146 Repeater Auto-selected SSL parameters for domainstagxyz.domainxyz.com: default protocols,...

Scanner is very slow running

Burp Scanner is very slow running why ???

Let's Encrypts certificates

Burp appears to mark certs issued by Let's Encrypt as untrusted. Because of this, some plugins, like the relatively recent Dradis Framework plugin will fail.

Burp Active Scanner failed to detect certain XSS in JSON requests

Burp Active Scanner is unable to detect certain kinds of JSON parameter which are vulnerable to XSS Please refer to the below screenshot: https://dl.dropboxusercontent.com/u/9636822/jsonxss.png During manual...

In the active scan, sqli and judgment has a problem

My English is not good. In the active scan, (and 1=1) and (and 1=2 ) The returned result is different but the scan Not detected There is a problem

Hard-to-read HTML pages such as Extender and Documentation

I just noticed that most of the internally-accessible BurpSuite documentation isn't being shown correctly on my installation, as well as the Extender tool is difficult to read since the HTML source code is shown...

Burp Project looses data

I used burp 1.7.10 for a whole day without problems. I created a new project and at the end of the day i just closed burp without any errors or problems. The 2nd day i opened the same project and everything was fine, no...

XSS False positive

I have some reflected XSS reported as high+certain when actually there's no vulnerability. There is a specific header (anti Csrf) which is added by some js on page. Since a request from another domain won't be able to add...

negotiate authentication trouble

i'm used Burp Suite Professional last V i try to login website with negotiate authentication Burp Suite don't accept negotiate authentication how can i fix that ??

Target of CONNECT Sends Data First, Data not seen by Client; Expected?

Four scenarios: 1) Client -> Target 2) Client -> Squid -> Target 3) Client -> Burp Proxy (CONNECT) -> Target 4) Client -> Burp -> Squid -> Target * The underlying communications between the client and target in not...

Burp Suite 1.7.08 Infected/Backdoored?

burpsuite_pro_v1.7.08.jar MD5: eb98fc4432cff3e288afd2bd2b6b3661 SHA256:...

Version burpsuite_pro_v1.7.15 (OSX) is crashing when trying to start

Viewing aspx extensions

Cancelling a repeater request looses history

Mouse events ignored in filter text boxes

Java crypto policy files overwritten on upgrade

Cacheable responses

Burp not working correctly if WAF uses connection reset

Burp Project looses data

Missing Directory Listing vulnerability

Burp Suite SSL Certificate Error (peer not authenticated)

Scanner is very slow running

Let's Encrypts certificates

Burp Active Scanner failed to detect certain XSS in JSON requests

In the active scan, sqli and judgment has a problem

Hard-to-read HTML pages such as Extender and Documentation

Burp Project looses data

XSS False positive

negotiate authentication trouble

Target of CONNECT Sends Data First, Data not seen by Client; Expected?

Burp Suite 1.7.08 Infected/Backdoored?

Burp Suite Support Center