Burp Suite User Forum

Login to post

Burp Suite getting stuck during audit of specific URL

Hi, I am currently using Burp Suite Professional to scan a website in Deep scan mode. While the crawl finishes successfully, the audit gets stuck during the audit of a specific URL.c I have already tried increasing memory...

Last updated: Mar 16, 2023 01:35PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Seesion cooki expier message show

hello sir/mam, Recently I came few months of my Portswigger id is not working properly it crash on my browser (firefox)

Last updated: Mar 16, 2023 09:42AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Burp pre-configured browser not working

Hi, im currently on a fresh install on kali (Pro Edition). Ive been using burp for years now without problems. However in cant launch the inbuilt browser from the Proxy tab. Just nothing happens, no error, no browser...

Last updated: Mar 16, 2023 09:24AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

BurpSuite Professional on Kali (ARM) running on MacBook Pro with M1 processor

Hello, I am trying to run my BurpSuite Professional licensed version on a MacBook Pro with M1 processor but I receive error: Unpacking JRE ... Starting Installer ... ./burpsuitepro.sh: 598:...

Last updated: Mar 16, 2023 08:02AM UTC | 10 Agent replies | 12 Community replies | Bug Reports

Shortcut Keys don't work

Hi, The shortcut keys (e.g. ctrl-C, ctrl-v) don't work in the new releases. Please fix. Thanks, Carl

Last updated: Mar 15, 2023 10:06AM UTC | 2 Agent replies | 4 Community replies | Bug Reports

Burp 2.0.14 install4j error.log

I get an error.log generated when using the Burp 2.0.14 Windows 64-bit installer. Looks like this happened because the included JRE got updated to Java 11. java.lang.NoClassDefFoundError: sun/misc/Unsafe at...

Last updated: Mar 15, 2023 09:23AM UTC | 3 Agent replies | 3 Community replies | Bug Reports

Lab: CL-TE request smuggling lab is not working with the official solution.

The HTTP request: POST / HTTP/2 Host: 0ac000af04eed935c3233d650017001f.web-security-academy.net Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 8 Transfer-Encoding:...

Last updated: Mar 15, 2023 05:08AM UTC | 2 Agent replies | 3 Community replies | Bug Reports

installer on fedora 35 dispaly an-empty-red-/rose-dialog-no-buttons-nothing

I opened a thread on Feb 9, 2023 as I was not able to continue installing Burp...

Last updated: Mar 14, 2023 05:00PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Visiting a site that is using HTTP/2 and can't connect

Error Could not create new HTTP/2 connection The above is all I receive. I looked in logger to see if more information is available, and it is not. I'm able to connect to other sites that use HTTP/2, just not this...

Last updated: Mar 14, 2023 10:28AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

License Missing

Due to the recent changes to licensing, my MD had to issue the Burp Pro licenses to individual accounts. I got the email telling me my MD had shared the license with me and to login and download it however the license...

Last updated: Mar 13, 2023 04:48PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

HTTP1.1 replaced by HTTP/2 in response header?

I intent to use Burp Suite to be able to see in more detail the communication of an application I just started to develop. I am currently using Community Edition v2021.5.2. My application responds normally when I do not...

Last updated: Mar 10, 2023 11:01AM UTC | 5 Agent replies | 5 Community replies | Bug Reports

Web Security Academy -> SQL Injection -> SQL injection attack, listing the database contents on Oracle

So far all the SQL query i ran work and dont have any error but when i am about to display the column name it doesn't have any out put on the page. this is my query : ' UNION SELECT column_name, NULL FROM all_tab_columns...

Last updated: Mar 10, 2023 09:31AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

CSRF vulnerability with no defenses -> not solved but exploit works

Hi, i'm trying to solve the lab, also the lab "CSRF where token validation depends on request method" in both labs the exploit works for me and i can change the mail. But the page with only the submit button does not occur...

Last updated: Mar 10, 2023 09:15AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Web Security Bug - Lab: Username enumeration via account lock

Hello, This lab requires user enumeration via account lock, account lock is obtained after 3 failed login attempts. After we enumerate the valid username from wordlist, we should brute-force the password. I used burp...

Last updated: Mar 10, 2023 08:29AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Web Security Academy -> Insecure deserialization -> Some labs don't work

Hello, I'm just in the middle of your great academy and I found out that some labs in the insecure deserialization part doesn't work. Specifically: Lab: Using application functionality to exploit insecure...

Last updated: Mar 09, 2023 11:17AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

You do not have any licenses.

Hello, I payed for a PRO licence, but on "my account" page, it says "You do not have any licenses.". How am I supposed to get my licence ? Thanks.

Last updated: Mar 09, 2023 09:55AM UTC | 1 Agent replies | 3 Community replies | Bug Reports

burp's browser doesn't work

Hi, im trying open burp's browser but i get error message Burp's Browser Health Check: Initiating health check Checking platform supported Success Checking browser binaries Success Checking headless...

Last updated: Mar 09, 2023 08:09AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Reflected XSS into HTML context with all tags blocked except custom ones

ello, I tried copying and pasting the solution, replacing the LAB ID, which in my case from the link https://exploit-0a2e00f604bd5197c065ff3c01aa00ea.exploit-server.net/exploit was...

Last updated: Mar 08, 2023 08:12PM UTC | 0 Agent replies | 1 Community replies | Bug Reports

Connection to upstream proxy fails when "Crawl using my provided logins only" is disabled.

Burp Enterprise Version: 2023.1 Build: 11718 Scanner version: 2023.1.3 Database: postgres Database version: 12.11 Kubernetes install. Bug description: We must use an upstream proxy for egress in order to be...

Last updated: Mar 08, 2023 01:34PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Headless BurpPro in Docker requires X11

Hi, I am trying to run Burp Pro within Docker using the following startup command: /usr/lib/jvm/jdk-17/bin/java -Djava.awt.headless=true -jar /home/user/burpsuite_pro.jar --data-dir=/home/user/...

Last updated: Mar 07, 2023 01:50PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Page 2 of 121

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image