Burp Suite User Forum

Login to post

burp community-failed to connect to website.com:443

Hi, I'm trying to connect to website using burp chromium browser. But most of the time, the loading end by an error screen saying "failed to connect to website.com:443" I searched but didn't fought any awnser that helped...

Last updated: Nov 16, 2022 08:10AM UTC | 3 Agent replies | 3 Community replies | Bug Reports

Burp Does Not Redirect

The application I am testing uses SiteMinder for SSO, and this produces a redirect of the form... <HTML><HEAD><TITLE></TITLE></HEAD><BODY onLoad="document.AUTOSUBMIT.submit();">... <FORM NAME="AUTOSUBMIT" METHOD="POST"...

Last updated: Nov 15, 2022 01:13PM UTC | 7 Agent replies | 3 Community replies | Bug Reports

2nd Solution in Lab: "DOM-based open redirection"

I redirected to: https://YOUR-LAB-ID.web-security-academy.net/post/comment/confirmation?postId=%22%3E%3Cscript%3Elocation%3D%22https%3A%2F%2FYOUR-EXPLOIT-SERVER-ID.exploit-server.net%22%3B%3C%2Fscript%3E but the Lab...

Last updated: Nov 14, 2022 12:31PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

(Unintended Solution) for Lab: Stored XSS into anchor href attribute with double quotes HTML-encoded

Hi, The lab for teaching XSS that is supposed to encode double quotes did not actually HTML-encode the character ", the following payload works. Relevant...

Last updated: Nov 14, 2022 11:42AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Problem with sqlmap after burp update to 2021.4.2

Sqlmap can be run by giving --proxy https://127.0.0.1:8080 which will take alll its data through burp. However, after the recent update in burpsuite, while running sqlmap with burp proxy, getting error: [18:24:03] [INFO]...

Last updated: Nov 14, 2022 11:34AM UTC | 6 Agent replies | 6 Community replies | Bug Reports

Backup file deleted when running automatic project file repair

Hello, I just had a bunch of scans running, when the PC ran out of resources and crashed. (Environment: Windows 10 22H2, Burp Suite Professional v2022.9.5) After restarting the PC, upon loading the original project file,...

Last updated: Nov 14, 2022 10:31AM UTC | 2 Agent replies | 3 Community replies | Bug Reports

Burp Suite built in browser passes healthchecks but in practice does not work.

Hello, # Problem The built in Chromium based browser is appending the string "http:8080/$URL/" causing a "ERR_INVALID_REDIRECT" error. For example typing "google.com" into the URI bar without quotes and pressing...

Last updated: Nov 14, 2022 09:26AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

LAB: Web cache poisoning via a fat GET request

Hi, I'm having trouble to finish this lab. I'm able to poison the cache and get alert(1) in Chrome, but the lab doesn't want to accept the solution (change the status to solved) P.S. Thanks for the Academy and all your...

Last updated: Nov 09, 2022 05:45PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Crawler does not crawl through websites thoroughly

Greetings, My team is subscribed to Burp Suite Professional and recently I ran some test on the crawler to testify on its accuracy that it is good enough to run automated scan. We've configured the crawler setting to...

Last updated: Nov 09, 2022 01:13PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Time discrepancy in Intruder vs Logger

I've been using intruder to test some timeouts. I put a request in intruder, set null payloads, set the resource pool to send a single request every 5 minutes so I can see when things quit working.. What I've noticed is...

Last updated: Nov 09, 2022 12:31PM UTC | 3 Agent replies | 1 Community replies | Bug Reports

JWT Editor Keys extension not working properly

Hello, I'm not able to Modify/Sign/Verify jwts with the JWT editor Keys extension. Buttons just can't be clicked. Can you explain why? Here's a screenshoot: https://ibb.co/tbRkRHK

Last updated: Nov 09, 2022 12:04PM UTC | 0 Agent replies | 2 Community replies | Bug Reports

problem-checking-license

While trying to upload licence i got this message. There was a problem checking your license Please download your license key from your account and try again. For help please visit the support center on our...

Last updated: Nov 08, 2022 04:25PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Domain with underscore gives error

I am trying to perform some tests on a website which domain name contains the underscore character '_' , the browser throws a 'ERR_SSL_PROTOCOL_ERROR', it doesn't even intercept requests made to the website and the only...

Last updated: Nov 08, 2022 09:14AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Examity does not redirect me

Hi, I'm currently not getting redirected to start the exam once I'm logged into Examity. Is there maintenance still going with their service? Or is it something wrong on my side? Kind regards,

Last updated: Nov 07, 2022 12:12PM UTC | 3 Agent replies | 1 Community replies | Bug Reports

Can spin up the built in browser

net.portswigger.devtools.client.x3: unable to start browser

Last updated: Nov 07, 2022 09:00AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

prcatice exam button dont work

do i need to buy exam first before i try to take the practice exam? there is no button to press (only the graphic of the button) no error messages of some sotr what can i do?

Last updated: Nov 07, 2022 08:16AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Cannot find Burp Collaborator client

Hi, I use BurpSuite Pro on MacOS. I don't know why but today I couldn't find a way to open Burp Collaborator client. Normally, it was under "Burp" on the top menu bar. But today it just disappeared. May anyone help??

Last updated: Nov 04, 2022 09:14AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Can no longer intercept Iphone requests (Apps and browsers) : 403 remote host terminated the handshake

I started having this issue 4 days ago, before that i had no trouble intercept requests from my iPhone. Device: - Iphone X: with Full Trust CA enabled - Burpsuite install on both MacOS and Windows machine - Burpsuite...

Last updated: Nov 04, 2022 04:02AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Open redirection (DOM-based)

Findings: The application may be vulnerable to DOM-based open redirection. Data is read from window.location.href and passed to window.location.href. Static Analysis: Data is read from window.location.href and...

Last updated: Nov 03, 2022 12:08PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Cross-site scripting (DOM-based) - Data is read from location and passed to $()

Static Analysis: Data is read from location and passed to $() via the following statement: window._gaq.push(['_trackEvent', 'Cookies', 'Learn more link clicked', $(location).attr('href')]) Vulnerable Code: ...

Last updated: Nov 03, 2022 12:02PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Page 2 of 112

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image