Burp Suite User Forum

Login to post

Chromium browser keeps crashing

Hello I'm running version 2020.8, build 3537, trying to 'open embedded browser', clicking help links all of which are trying to launch Chromium, which I never really use. Chromium keeps crashing and shutting down. Running...

Last updated: Nov 19, 2020 08:37AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Lab "Stored XSS into anchor href attribute with double quotes HTML-encoded" issue

Hello! I have made XSS as described in the solution, but there are still no congratulations message.

Last updated: Nov 18, 2020 04:36PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp Enterprise Recorded Login

I tried the recorded login today and increased the memory on my centos 7 server to 40 GB (for 3 agents). I have 230 GB of free disk space. But still I get the error: The scan is configured to use recorded login sequences....

Last updated: Nov 18, 2020 01:04PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Can't connect to https://www.dyson.com through burp but it works with https:///www.dyson.co.kr or other tld (.fr,...)

Hi, I have well configured burp suite to connect to https website using cacert. I am almost in default configuration everywhere in burp. My problem is : I can't connect to https://www.dyson.com but I can connect to...

Last updated: Nov 18, 2020 10:28AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Backup file false positives

I am getting many, many instances of the "Backup file" issue type. The issue is that the scanner makes a request that is a variant of a legitimate request, for example instead of GET /users/sign_in.json, it will call GET...

Last updated: Nov 18, 2020 09:40AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Latest update introduced bug with WebSockets

Hello, The latest Burpsuite update has introduced a bug into the WebSockets functionality. The "Raw" window will no longer display data despite data being visible in the "Hex" window. I have downgraded to temporarily...

Last updated: Nov 17, 2020 09:53AM UTC | 2 Agent replies | 0 Community replies | Bug Reports

Burp 2020.9.1 crashes when sending certain characters in repeater

When POSTing a login request (does not seem to matter if the body is JSON or HTTP post form etc.) the entire application crashes if an dollar($) symbol is in a parameter name in the body of the request. Found when testing...

Last updated: Nov 16, 2020 04:41PM UTC | 3 Agent replies | 1 Community replies | Bug Reports

Lab: DOM XSS in document.write sink using source location.search inside a select element

I get the xss pop-up but the lab does not report it solved. I crafted the URL with the storeId query parameter and inserted javascript payload using alert function which pops "1". Can you guys take a look at that?

Last updated: Nov 16, 2020 02:27PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Intruder going out-of-memory when enumerating file download functionality

My intruder is going quickly out of memory as I am enumerating numbers which each request gives me a downloadable file. The intruder requests are set to not store the response data, but still the memory keeps increasing...

Last updated: Nov 16, 2020 12:53PM UTC | 0 Agent replies | 2 Community replies | Bug Reports

Web cache poisoning via the Host header Lab

I completed the successfully displaying alert(document.cookie) after poisoning the cache, but the state of the lab still says: Not solved

Last updated: Nov 16, 2020 08:49AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

123Watch-[MOVIES] Demon Slayer the Movie: Mugen TrainFULL HD Quality 4K

03 sec ago Don't miss!How to watch Demon Slayer: Kimetsu no Yaiba - The Movie: Mugen Train (2020) Full Movie Online Free? HQ Reddit DVD-ENGLISH Demon Slayer: Kimetsu no Yaiba - The Movie: Mugen Train (2020) Full Movie Watch...

Last updated: Nov 15, 2020 04:45PM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Lab issue: Exploiting cross-site scripting to steal cookies

Hello! I am trying to solve one of your labs - https://portswigger.net/web-security/cross-site-scripting/exploiting/lab-stealing-cookies. I had thought that something wrong with me, so I have read the solution, but I also...

Last updated: Nov 15, 2020 09:40AM UTC | 0 Agent replies | 1 Community replies | Bug Reports

error: timed out waiting for the condition on jobs/bsee-database-migration - Database migrations failed

I've installed the arm template of Azure with the Enterprise Edition 2020.10.1 Deployment has completed success. When the application container run, the pod bsee-database-migration end with error. In the condition...

Last updated: Nov 13, 2020 11:10AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

plz provide bugs report of different bugs

Hello sir how are u ,i hope u are fine ,sir plz provide all bugs reports like xxs,idor,csrf etc i hope u are not turn down on my request. thanksalot.

Last updated: Nov 13, 2020 09:31AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

any scheduled scan ends with 'Error Dispatching scan to 'Agent'

BurpSuite edition: Enterprise Installation type: Server & Agent(5) at separated computers Operating system: Ubuntu 18.04.3 LTS Agent is authorised and licensed. Log Errors 2020-11-09 00:01:49 INFO ...

Last updated: Nov 13, 2020 09:12AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Crawl / Audit requests not getting responses

If I'm manually browsing the proxy is effective at showing the requests/responses. Same if I'm using Intruder or Repeater. When I try to initiate a scan with Craw or Audit the requests go out, get logged in Logger++ but...

Last updated: Nov 12, 2020 02:55PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Lab issues

Hello, I have been working on the web security labs. Everything was normal i was able to use the labs. I took a small break. I came back to resume the labs. I noticed i am unable to solve the labs has the get requests...

Last updated: Nov 12, 2020 09:12AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Lab issues

Hello, I have been working on the web security labs. Everything was normal i was able to use the labs. I took a small break. I came back to resume the labs. I noticed i am unable to solve the labs has the get requests...

Last updated: Nov 11, 2020 08:43PM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Password reset poisoning Lab issue

Victim never makes call to forgot password through exploit url

Last updated: Nov 11, 2020 04:46PM UTC | 6 Agent replies | 5 Community replies | Bug Reports

Scanner Stops Scanning

Scanner stops scanning when a request is made which times out. Watching the requests in Logger++, the comment field contains 'Timed out', but the 'completed' checkbox is not ticked. The scanner pauses. Pausing the scan...

Last updated: Nov 11, 2020 02:31PM UTC | 4 Agent replies | 6 Community replies | Bug Reports

Page 2 of 64

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image