Burp Suite User Forum
I get this for when I try to move my Burp installation to a new computer at work. Can you please add some more for me. This message is really weird, as you're licensing terms seems to be "yeah, it's a per user license, and...
Hi, When I try adding a duplicate Host header in this lab, I get a 404 status code. The solution reads: "Notice that if you add a second Host header with an arbitrary value, this appears to be ignored when validating and...
I am experiencing issue in accessing the LABs specifically for the CSRF portion. Is it me only?
Hello, Lab: SameSite Lax bypass via cookie refresh Is throwing a 504 Gateway time-out error, I had no issue working and using other labs in CSRF and this one will not load. The lab might need to be reset. Thank you
The intruder is not encoding anything except . (dot) Original Payload: test@domain.com Once intruder attack begins, payload looks like this: test@domain%2ecom I have unchecked URL encoding under payloads tab already,...
Hello, I've unchecked all of the response and request interception rules, this should in theory intercept all responses and requests. For some reasons I'm able to intercept the request for a JS script but not the...
Hello, I am using Burp Suite Professional and when completing the labs it randomly gives me an 504 Gateway Timeout. I have to close the lab completely and load it again, which consumes time because it does it quite a lot. Is...
I have been using the Academy in the last 3 days and I have been experiencing random periods when labs do not work properly, sessions with the server time out, and so on. Are you aware of this issue? Perhaps are you...
Found on Burp Suite Community Edition v.2020.12.1 1. I'm trying to start intruder attack with following payload: type: recursive grep initial payload: 2021-01-12 16:27:24.056815 (timestamp with characters wich...
Hi PortSwigger Team, Even after completing more times "Basic clickjacking with CSRF token protection" and "Clickjacking with form input data prefilled from a URL parameter" labs, they are showing as not solved. I just...
Whe I click Access the lab button on any vulnerability lab it opens the page with 400 bad request.
I am trying to solve the mentioned lab, with the payload provided by the academy, by the payload isn't working. When i view the payload, the request is indeed sent to stock subdomain, but it replies with...
I'm having trouble with this lab. When I click on 'View exploit' I have the login page coming up, of course with no 'delete' button. I'm using Burp's browser Chromium and here's my script, of course I'm changing the lab Id...
Hello! I managed to trigger the XSS payload on the exploit server but the lab is not marked as solved. I used this payload for the response body on the exploit server: <iframe...
Hi! Long time Burp Pro user (4 years). Having trouble with the Burp Browser on M3 macbook pro. VPN is off, AntiVirus is off, Proxy setting offs. Does not work on multiple WiFi networks including hotspot. Any additional...
Hello! I think the description of what the simulated victim does should be updated on this lab. I used XSS to relace the current page content with the login form (after fetching it dynamically), then hook on the submit...
Hi, I am currently doing the API labs. Every time i try to do a lab in the academy, the servers keep crashing and i have to wait approx 10 minutes for them to come back online and start working again..Just for them to...
Hi, This would be easier to explain with screenshots but I do my best to explain below. I am working on the "Authentication bypass via encryption oracle" lab for business logic vulnerabilities. I have submitted a...
I am stuck on this lab, and cant seem to complete it. I've gone through the proposed solution multiple times as well as looked up other online solutions. Whenever i try to view my own exploit i get redirected to the...
Hi this is my solution and and works fine when clicking "view exploit" (i see my messages at the access log) but when I deliver to victim there is no incoming request. can you pls fix the lab? I was going crazy about what...
Page 2 of 148
Your source for help and advice on all things Burp-related.