Bug Reports - Page 27 - Burp Suite User Forum

Can't gracefully close BurpSuite when detaching and reattaching Collaborator window

I'm experiencing this issue every time i detach the Collaborator window and i reattach it later on. Since this issue arised for the first time, now every time i start BurpSuite the Collaborator tab is detached and hidden:...

Adding Space in Header Kettles Request

Hey, I'm going through the following lab: Password reset poisoning via dangling markup Whenever I add a space to my Host header, Burp Suite kettles my request which causes the CSRF token to not be sent along correctly...

Failed to configure embedded browser

Installation on Windows 10 machine. I get the error message "Failed to configure the embedded browser" when running the installation for Burp Pro

Problem with web cache poisoning labs

Hi, It seems like web cache poisoning labs are not vulnerable anymore. Any time you send the same GET / request it always returns X-cache: miss header, never "hit". I´m not able to solve even the labs that I´ve...

Password Reset Poisoning via Dangling Markeup

This lab is not working for me at all. I'm following a video online and doing the steps exactly but when I try to add a port it says 504 Gateway Timeout. OR it says bad request CRSF token expired or something along those...

Lab Cache Poisoning - Cache key injection

For some reason I cannot solve this lab. First, I'm sending this poison to localize.js file. I'm receiving the HIT response. GET /js/localize.js?lang=en?utm_content=z&cors=1&x=1 HTTP/2 Host:...

Burp is crashing

Up to two updates ago, Burp suite was great. For the past two or three weeks, it has been crashing continuously. I have to keep starting it again and re-running my scans, rendering the scan results completely...

Blank Raw data

Using burp community(upgraded to the latest version) but getting a blank raw data screen.

License Activation

Hello portswigger team. Due to i changed my OS so i tried to active my burp pro edtition with my license key but i got activation field because i used it multiple times during changing my OS several times. I know i asked it...

Problem with practice exam 2 stage 3

Hi all, found a vulnerability in practice exam 2, tried all Java gadgets, but nothing comes to the colaborator. Who ran into this problem? CommonsCollections7 fulfills the request, but the collaborator is empty(

Lab: Web cache poisoning via ambiguous requests

Hello BurpSuite Support, I think this lab (https://portswigger.net/web-security/host-header/exploiting/lab-host-header-web-cache-poisoning-via-ambiguous-requests) is not working. Even I tried the Solution and that...

Bug on "Track your Progress"

Hi, for some time now the progress tracking system has changed, before when I finished a chapter I would put a flag in the check box and my progress in the "learning materials" field would increase, now it has been stuck at...

license issue

Hi burp suite i had already a user of professional version and its super cool and handy for penetration testing, but i upgraded to enterprise edition and facing difficulty in license configuration itself .

Question marks in URL insted of unicode charactes

Endpoints in unicode are viewed as question marks and are not decoded propertly, in some cases even breaking a proper workflow ( instead of requesting the intended endpoint burp forwards a request to /??????????? ). I've...

No more activations are allowed for this license

Hi, i formatted my windows work pc and can't activate the license again. The license is owned by the company i work. Thanks.

While Intercept is on, can not focus Burp's window

Hi I'm using Fedora 38 with Gnome 44.3 While intercepting my traffic from Firefox by "Intercept is on" under the Proxy, after clicking a link, I do <alt + tab> to switch to Burp, but Burp's window does not gain focus, and...

embedded JRE cacert keystore password seems to have changed in recent release

Hi, (Using 2023.9.2 version for Mac OS Apple M1) I get a password failed message while trying to add my own certificate to "BURP-INSTALL-PATH/Contents/Resources/jre.bundle/Contents/Home/lib/security/cacerts". I've...

Javascript response in Binary

Burp Pro 2023-9.2 I noticed the proxy and repeater tabs are showing a javascript file response in binary. The same shows as text when opened in browser. Not sure if this is a bug or any setting I need to change.

Client Failed to negotiate a TLS Connection to respective application

Hello BurpSuite Support, When I was trying to test a web application using Burp Suite 2.1.07 it is showing with an error Client failed to negotiate a TLS Connection to www.xxxxxxx.com: Received fatal...

Cannot log traffic to file from websockets

Hi, There is no option to log traffic from any tool when the traffic is passing from the websockets. Even though traffic is visible on the Proxy - > WebSockets history tab, it's not logged into the file. *...