Bug Reports - Page 155 - Burp Suite User Forum

Burp closes itself with zero exit code and no exceptions nor output

This is the output of running Burp under strace: https://gist.github.com/berdario/97c3a973a78e7c081a34 And this is the output with strace...

Bug in Site map tab while showing only items in scope.

While showing only items in scope, if we activate the flags "Show only requested items" and "Show only parameterized requests" and disable them again, the Site map no longer show only items in scope, but show other requests....

java.sql.SQLException: Invalid column index not detected by active scanner

Hi, while working on an application with the active scanner of Burp 1.6.12 a lot of possible SQL injections like: -------------- SERVICE NOT AVAILABLE. Please refer to your system administration<br>FooException:...

Failed to parse the content of the page for SQL Injection indications in the passive scanner

Suppose the following scenario: I access a particular page, and in the body of the page you have a MySQL syntax error with the SQL query. The base request is always the same, it already has the SQL query in the...

File dialog paths across the application

Burp seems to maintain the same file path through-out the application. If would be useful if the last save/restore file location was stored separately to the load intruder payloads path.

recieving smart card error "card was detected but not the right one..."

I just started to receive a smart card error when attempting to load my smart card certificates to burp. I have been using the p11-capi.dll successfully for some time. The error I receive from the card manager follows. "A...

Escaping Help

Hi, Not sure if this should fall under "Bug Reports" or "Feature Requests" so please move if needed. Anyway, when looking at Burp's built in help (by clicking on the "?" mark) it pops up in a small window. I can not...

Intruder results: copying a column with Control-Click in Pro version

From the Intruder documentation: "You can reorder the table's contents by clicking on any column header [...] You can copy the contents of a column by Ctrl-clicking the header [Pro version]". Bug #1: A column is reordered...

Visual bug in Intruder when two payload sets are of type "Dates"

Tested on Burp Pro v1.6.11 on OpenJDK 1.7.0_75-b13 (and many different setups) That's an old bug, which happens only in a specific situation. How to reproduce: - send a request to Intruder - in the "Positions" tab,...

Maximising Burp

I'm having a bug with Burp on a multi-monitor setup where it won't maximize and take advantage of the full screen. See the image below for an explanation - Burp will only maximize to the bottom ~90% of the...

Duplicate type IDs?

Hey, I'm not sure if this is a bug or standard functionality, but some clarification would help. In recent releases we've seen some type IDs that are the same for different issues. <type>134217728</type> ...

PostData removed when changing cookies in repeater/params tab

When I change data in the params tab ( either deleting/editing/moving) parameters , the postdata in the resulting request is gone ! Postdata is in this form {"productId":"xxxxx#xxx#xxx"}. ( however also tested with...

DOM-based open redirection error

Hi, I am getting 'Open redirection (DOM-based)' error on all my pages . Can you help me to resolve this

Passive Scanning of .js CPU intensive and always retrying the same file

Hi there, I'm reporting a behavior that i've noticed since the new static code analysis was introduced. I've noticed that whenever there is a .js or other file that is Big or with complicated code, the passive scanner is...

Alert message while testing a website with its hostname

Hi Team, We are getting some issues while executing Burp Suite. When we execute the Burp Suite for a site with its IP, then it is working fine but when we are executing the same with its host name, we are getting Alert...

Uppercase when authenticated with NTLM

Hello, I want to report a important bug. If I use NTLM authentication burpsuite always sets uppercase letters for the login and for some case sensitive database it is problem. Thanks for repair. Excellent would be...

Row highlights

Let's say you have 20 items. You select row 10, hold down 'shift' and hit the 'up' button three times. Instead of lines 7-10 being highlighted, only lines 7-8 highlighted.

Scan queue being reordered

Pause the scanner, save the state and close Burp. Open Burp and restore the state. The number column under Scanner > Scan queue has been reordered starting at 1 instead of the previous numbers.

interface catastrophically broken in recently updated Debian 7

BURP Version: 1.6.09 Debian version: 7.8 (Wheezy) JRE: both OpenJDK and Oracle JRE XOrg Server: both XVFB and QXL Invocation: java -jar ./burpsuite_pro_v1.6.09.jar Mode of failure: Burp Suite windows do not...

Missed DOM XSS

We were testing your DOM XSS scanning capability against test web sites (from the makers of Ra.2) and noted to obvious false-negatives that were missed. EXAMPLE...