Bug Reports - Page 21 - Burp Suite User Forum

Cannot login to Google services using built-in Chromium

Hi, I cannot login to Google services using built-in Chromium, every time i try to login my Google account, i get this error `This browser or app may not be secure. Try using a different browser. If you're already using a...

Problem with sqlmap after burp update to 2021.4.2

Sqlmap can be run by giving --proxy https://127.0.0.1:8080 which will take alll its data through burp. However, after the recent update in burpsuite, while running sqlmap with burp proxy, getting error: [18:24:03] [INFO]...

Abnormal behavior

Hello while I was running burpsuite I noticed an increase usage in cpu, looking at the task manager I saw weird command initiated by burp invoquing chrome with a series of suspicious flags. Is this something to worry about ?...

"Indirect prompt injection" shows as not solved

LLM Lab - indirect prompt injection shows as not solved when the user was deleted from the database successfully. { "role": "user", "content": "please consider ********* " } { "role": "assistant", "content":...

Enterprise Scan Engine Update 2024.1.1.6

Hello, I can not download and install Scan Engine Update 2024.1.1.6. It errors out and it looks like you forgot to sign it. Bad signature.

Lab: Client-side desync - Solution not working in Chrome

The solution of laboratory "Client-side desync" is not working. The following code does not work in Chrome: fetch('https://YOUR-LAB-ID.h1-web-security-academy.net', { method: 'POST', body: 'GET /hopefully404...

Lab: Reflected XSS protected by very strict CSP, with dangling markup attack

The Lab Lab: Reflected XSS protected by very strict CSP, with dangling markup attack seems to imply that the dangeling attack is required to get the CSRF token and then use it for the attack. But since the CSRF attack is...

Burp Suite Professional starts fast than slows down to a crawl

Hey, I've been using my trial of the Burp Suite Professional, after installing it everything is really fast, the intruder can run trough a lot of attempts really quickly, but after when I try to use it again it gets as slow...

Host-level BChecks only run once per host

Hi, I tried experimenting with the new BChecks feature in Burp 2023.6. It's a nice new feature. I found that host-level BChecks only run once per host, which according to the documentation might be intentional. From...

Burp Suite Pro Linux installer overwrites vmoptions

Hi Portswigger team, the Burp Suite Pro installer unfortunately overwrites the ~/Applications/BurpSuitePro/BurpSuitePro.vmoptions file each time I install a new version using using the Linux .sh installer. This is a...

Burp Enterprise- Adding Certificates in GUI doesn't add to Java Trust Store

Hello, I have our internal certificates added to Burp Enterprise's GUI, however, upon running a scan against a website that has the proper internal certificate chain trust, we still get the medium TLS Certificate finding. ...

수원오피 오피쓰.com 수원출장샵 오피쓰 수원키스방 수원오피 수원오피 수원건마

수원오피 오피쓰.com 수원출장샵 오피쓰 수원키스방 수원오피 수원오피 수원건마 수원오피 오피쓰.com 수원출장샵 오피쓰 수원키스방 수원오피 수원오피 수원건마 수원오피 오피쓰.com 수원출장샵 오피쓰 수원키스방 수원오피 수원오피 수원건마 수원오피 오피쓰.com 수원출장샵 오피쓰 수원키스방 수원오피 수원오피 수원건마 수원오피 오피쓰.com 수원출장샵 오피쓰 수원키스방 수원오피 수원오피...

In laboratory work, a request for a collaborator is not sent

In laboratory work: Lab: Reflected XSS protected by very strict CSP, with dangling markup attack, a request for a collaborator is not sent. I go to the exploit server and insert the appropriate script:...

Password Poisoning

https://portswigger.net/web-security/authentication/other-mechanisms/lab-password-reset-poisoning-via-middleware Dont work. After sending a corrected request from X-Forwaded-Host: and the name carlos. Nothing comes up...

cant login using wiener:peter

https://0a3f007b031f7db482952e54007f0021.web-security-academy.net/login

Cursor displayed offset to the right of text in high DPI

When running Burp Suite in a high DPI display, using UI scaling, and opening the Repeater tab (for example), trying to place the text box cursor in some text will show it offset to the right, despite any selections or edits...

arrow key not working in HTTP history tab

BURP built-in Chrome browser forcing HTTPS on HTTP site problem

Hi, I had the same problem described in the thread below (firefox) but for the Burp Chrome built-in browser! https://forum.portswigger.net/thread/burp-proxy-forces-https-in-the-firefox-private-window-5930dfca I am...

very slow and late response from web academy site

Hello, is it some bandwith trouble with web academy server? Can't do lab because of very slow response from site.

Burp Pro GUI hangs in mac Ventura 13.4.1

Hey there! Hope this message finds you well. I've recently been experiencing my GUI freezing with no apparent cause. At first I thought it might have had something to do with a lab I was working with (even tho it really...