Bug Reports - Page 29 - Burp Suite User Forum

Dom invader bug？

Hi, I found a small problem with dom invader. This is my code of html: <script> function getQueryVariable(variable) { var query = window.location.search.substring(1) var vars =...

Old response in Repeater if a custom tab is selected

Hi, I've been working on an extension for Burp and noticed if you have a custom tab selected (IMessageEditorTab) in Repeater for a response and you issue a different request, the old response is still shown in all the...

Lab: Brute-forcing a stay-logged-in cookie

Hi there, I am working on this lab in the burp suite academy. I am having trouble resolving it, tried to follow the solutions step by step, but burp suite is not giving me the right answer. I also followed many YouTube...

Cannot send request from Logger to Organizer

Hi, In Burp Suite Professional version v2023.7.1 (Windows 11 platform) it is still impossible to send request from Logger tab to Organizer tab (either using "RMB > Send to Organizer" and using...

Can't Send Request to Organizer from Logger

When attempting to send a request from the Logger tab to the Organizer tab, the request does not appear in the Organizer tab. Although the Organizer tab highlights, it does not display the request after navigating to...

100% disk usage in Virtualbox

When I intersept traffic in BurpSuite on my kali machine in virtualbox, as I forward requests the machine just freezes and in my host windows task manager I see 100% disk usage from this machine that doesn't go down.

Labs load very slowly

Hi, I have been observing but lab pages open very slowly. It almost takes like 30+ seconds for the page to load, sometimes there are timeouts. This seems to be random and not any particular lab. My internet just works...

On huge targets, sitemap stops working reliably

I don't know the exact conditions but often some paths from the passive crawl are missing from sitemap. They're present in the proxy tab but never added to the sitemap. The problem isn't new and I know people who struggle...

Latest Install Wipes BurpSuitePro.vmoptions

Should have the ability to preserve your settings. If not, at least back the file up to BurpSuitePro.vmoptions.backup, .old or similar.

sni problem

after the last update I have in my repeater the option for sni override whether I turn it on/off in repeater or on/off settings I got many error connections such as 403 for urls that worked before the update and also are...

Unable to launch Burp's built-in browser

Hi, I am currently experiencing an issue with Burp's built-in browser on Burp Suite Professional v2023.7.2. When clicking on 'Open Browser', it is unresponsive and no browser is launched. I have launched the health check...

Lab: Basic clickjacking with CSRF token protection

This simple Lab does not complete even though I followed the right steps and does not reset to original state even after waiting for 20 mins. It wasted half my day's time. Please fix the bug(if any) related to this lab....

Expired cookies session

Hi all, I am still learning, so correct me if iam wrong. I reported the 'bug', but it was dissmissed as informative. I logged in into some account and in BURP I had request with cookie and parameter in it 'session_token'. I...

Checksum Mismatch

Hello All, I am having trouble with validating my download of burp suite Professional / Community 2023.7.2. My checksums do not match what the burp suite website is showing. What I am missing? Burp Suite...

Hostname Resolution ignored if SOCKS Proxy in use

Observed behavior: The Hostname Resolution section under Project options -> Connections is ignored if SOCKS Proxy is in use, with "Do DNS lookups over SOCKS proxy" enabled. Instead, Burp resolves the hostname via the...

Hostname resolution overrides not working properly in Burp Suite

When I enable the "Hostname resolution overrides" option in Burp Suite and change the hostname, it works as expected and overrides the ip from the original hostname. However, when I uncheck the box to disable the option, it...

network account login fails after latest update

Hello, After updating to Burp Suite Enterprise Edition v2023.7.1, we can no longer authenticate to Burp Enterprise manager/web server with our network credentials. Local accounts can log in successfully. I am able to...

Intruder attack result

Hi, I would like to report a problem with sorting results in intruder. Currently, trying to sort the results by the size of the response does not always sort all the results (after moving the results, I see that some results...

CSRF vulnerability with no defenses lab

I've done everything I could to solve this lab, even used the official solution but everytime I store and view the exploit I get the message "Resource not found - Academy Exploit Server"

False Positive "Content type incorrectly stated"

Hello, It seems that Burp doesn't recognize ttf font and keeps flagging it with Content type incorrectly stated. Is it possible to solve this problem please? Any ticket already created? Thank you for your...