Bug Reports - Page 2 - Burp Suite User Forum

Burp Suite getting stuck during audit of specific URL

Hi, I am currently using Burp Suite Professional to scan a website in Deep scan mode. While the crawl finishes successfully, the audit gets stuck during the audit of a specific URL.c I have already tried increasing memory...

Seesion cooki expier message show

hello sir/mam, Recently I came few months of my Portswigger id is not working properly it crash on my browser (firefox)

Burp pre-configured browser not working

Hi, im currently on a fresh install on kali (Pro Edition). Ive been using burp for years now without problems. However in cant launch the inbuilt browser from the Proxy tab. Just nothing happens, no error, no browser...

BurpSuite Professional on Kali (ARM) running on MacBook Pro with M1 processor

Hello, I am trying to run my BurpSuite Professional licensed version on a MacBook Pro with M1 processor but I receive error: Unpacking JRE ... Starting Installer ... ./burpsuitepro.sh: 598:...

Shortcut Keys don't work

Hi, The shortcut keys (e.g. ctrl-C, ctrl-v) don't work in the new releases. Please fix. Thanks, Carl

Burp 2.0.14 install4j error.log

I get an error.log generated when using the Burp 2.0.14 Windows 64-bit installer. Looks like this happened because the included JRE got updated to Java 11. java.lang.NoClassDefFoundError: sun/misc/Unsafe at...

Lab: CL-TE request smuggling lab is not working with the official solution.

The HTTP request: POST / HTTP/2 Host: 0ac000af04eed935c3233d650017001f.web-security-academy.net Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 8 Transfer-Encoding:...

installer on fedora 35 dispaly an-empty-red-/rose-dialog-no-buttons-nothing

I opened a thread on Feb 9, 2023 as I was not able to continue installing Burp...

Visiting a site that is using HTTP/2 and can't connect

Error Could not create new HTTP/2 connection The above is all I receive. I looked in logger to see if more information is available, and it is not. I'm able to connect to other sites that use HTTP/2, just not this...

License Missing

Due to the recent changes to licensing, my MD had to issue the Burp Pro licenses to individual accounts. I got the email telling me my MD had shared the license with me and to login and download it however the license...

HTTP1.1 replaced by HTTP/2 in response header?

I intent to use Burp Suite to be able to see in more detail the communication of an application I just started to develop. I am currently using Community Edition v2021.5.2. My application responds normally when I do not...

Web Security Academy -> SQL Injection -> SQL injection attack, listing the database contents on Oracle

So far all the SQL query i ran work and dont have any error but when i am about to display the column name it doesn't have any out put on the page. this is my query : ' UNION SELECT column_name, NULL FROM all_tab_columns...

CSRF vulnerability with no defenses -> not solved but exploit works

Hi, i'm trying to solve the lab, also the lab "CSRF where token validation depends on request method" in both labs the exploit works for me and i can change the mail. But the page with only the submit button does not occur...

Web Security Bug - Lab: Username enumeration via account lock

Hello, This lab requires user enumeration via account lock, account lock is obtained after 3 failed login attempts. After we enumerate the valid username from wordlist, we should brute-force the password. I used burp...

Web Security Academy -> Insecure deserialization -> Some labs don't work

Hello, I'm just in the middle of your great academy and I found out that some labs in the insecure deserialization part doesn't work. Specifically: Lab: Using application functionality to exploit insecure...

You do not have any licenses.

Hello, I payed for a PRO licence, but on "my account" page, it says "You do not have any licenses.". How am I supposed to get my licence ? Thanks.

burp's browser doesn't work

Hi, im trying open burp's browser but i get error message Burp's Browser Health Check: Initiating health check Checking platform supported Success Checking browser binaries Success Checking headless...

Reflected XSS into HTML context with all tags blocked except custom ones

ello, I tried copying and pasting the solution, replacing the LAB ID, which in my case from the link https://exploit-0a2e00f604bd5197c065ff3c01aa00ea.exploit-server.net/exploit was...

Connection to upstream proxy fails when "Crawl using my provided logins only" is disabled.

Burp Enterprise Version: 2023.1 Build: 11718 Scanner version: 2023.1.3 Database: postgres Database version: 12.11 Kubernetes install. Bug description: We must use an upstream proxy for egress in order to be...

Headless BurpPro in Docker requires X11

Hi, I am trying to run Burp Pro within Docker using the following startup command: /usr/lib/jvm/jdk-17/bin/java -Djava.awt.headless=true -jar /home/user/burpsuite_pro.jar --data-dir=/home/user/...