Burp Suite User Forum

Login to post

embedded chrome --SSDP

Hello I would like ask if is necessary by embedded chrome.exe Browser use UDP IPv4 ssdp 239.255.255.250 connection. 85.0.4183.121-1\chrome.exe If not please in future disable it. thanks

Last updated: Nov 10, 2020 10:13AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Burp Suite Professional trial messed Kali

The BS Pro was downloaded and installed by the wizard. After that, the first time it was opened, it asked for a license key file. Given the file from Downloads in Kali, both automatic and manual activation was attempted but...

Last updated: Nov 09, 2020 12:03PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Burp suite not working

Hi team i am using latest community version of burp suite and when i intercept request and forward it then it isnt sent to the server by burp suite so if i try to send that request to repeater and replay the request i wont...

Last updated: Nov 09, 2020 11:24AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Stored XSS into anchor href attribute with double quotes HTML-encoded is not recognizing an XSS

I have done the following submit a comment that calls the alert function when the comment author name is clicked. I have used the following payload in the website field of the form: javascript:alert(1)

Last updated: Nov 09, 2020 09:42AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

I'm trying to run a scan and it's stuck on "Waiting for agent"

I've checked the logs under /var/log/BurpSuiteEnterpriseEdition/ and I'm not seeing anything obvious. When I check the agent status on the web interface it shows up as connected and not busy. The only thing thats changed...

Last updated: Nov 09, 2020 08:53AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp not working

Hi team i am using latest community version of burp suite and when i intercept request and forward it then it isnt sent to the server by burp suite so if i try to send that request to repeater and replay the request i wont...

Last updated: Nov 07, 2020 01:53AM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Burp not working

Hi team i am using latest community version of burp suite and when i intercept request and forward it then it isnt sent to the server by burp suite so if i try to send that request to repeater and replay the request i wont...

Last updated: Nov 07, 2020 01:53AM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Scanner freezes and never end

Hi, I tried using the Scanner with the latest Burp, but the problem that the Scanner freezes and never ends when the server does not return a response seems to recur. BurpSuiteProfessional:v2020.6,v2020.9.2

Last updated: Nov 06, 2020 11:16AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

XSS Cheat Sheet Copy to clipboard option does not work.

Hi guys, I am trying to use the copy to clipboard option on the XSS cheat sheet page, in order to paste the payloads on the payload tab and it seems that it is not working. I have tried it from both the guest OS and my...

Last updated: Nov 06, 2020 10:56AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Burp Pro 2020.9.2 Freezes up entire VM

Howdy folks. Apologies for the long post but i want to be sure I cover all bases. I am posting here as I have been unable to find any posts online about this same topic. Burp Pro 2020.9.2 freezes up my entire VM(s) from time...

Last updated: Nov 06, 2020 09:57AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Minor issue in the solution of Lab: "Web cache poisoning with multiple headers"

I think point number 2 of the official solution is somehow misleading: "Find the GET request for the JavaScript file /resources/js/tracking.js and send it to Burp Repeater" That file is never requested by the website and...

Last updated: Nov 05, 2020 07:25PM UTC | 1 Agent replies | 4 Community replies | Bug Reports

Burp Collaborator STARTTLS Plaintext Command Injection

The following issue is being found by the Nessus vulnerability scanner, when the Burp collaborator server is scanned: https://www.tenable.com/plugins/nessus/52611 I was also able to verify this using a self compiled...

Last updated: Nov 05, 2020 10:06AM UTC | 2 Agent replies | 0 Community replies | Bug Reports

Burp Collaborator HTTP Info Disclosure

The collaborator server version is disclosed as HTTP header (X-Collaborator-Version). Is it possible to remove it via config parameters or is this fixed? $ curl -I http://<collaborator server> HTTP/1.1 200 OK Server:...

Last updated: Nov 04, 2020 09:13AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft [Broken]

I'm pretty experienced with SQL injection. I've been doing this lab and I even copied and pasted the answer from the solution section into the proper category and it still is returning a database error. The lab is broken...

Last updated: Nov 04, 2020 04:22AM UTC | 1 Agent replies | 3 Community replies | Bug Reports

Could not connect to any seed URLs

We are attempting to scan a URL, and it is failing with the message "Could not connect to any seed URLs." We are using BS Enterprise, proxy server set up appropriately, and cannot scan this URL.

Last updated: Nov 03, 2020 08:53AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Could not connect to any seed URLs.

I'm attempting to set up my first scan with Burpsuite enterprise. I have two agents on the same box assigned to it, I have the web proxy input properly into the network settings, but I keep getting scans failed, even though...

Last updated: Nov 03, 2020 08:28AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

cant accurately modify anything

For some reason, when I higlight text to modify, it always leaves one or two characters behind making it impossible to tamper data. Example: I try to change the html to xml Content-type: text/html I highlight the whole...

Last updated: Nov 02, 2020 12:46PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

v2020.7 Embedded Browser Doesn't Launch on Parrot

Hello, I just wanted to report that the embedded browser in 2020.7 does not launch with a default Parrot OS (https://parrotlinux.org/) configuration. Attempts to launch it return "net.portswigger.devtools.client.a: Refusing...

Last updated: Nov 02, 2020 10:02AM UTC | 11 Agent replies | 13 Community replies | Bug Reports

Windows Installer Crash

During self-extraction of the Burp Community installer, it crashes roughly in the middle while extracting. Environment: - Windows 10 64bit (AD-enabled in a corporate environment) - Burp Community Windows installer...

Last updated: Nov 02, 2020 08:49AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Lab: DOM-based cookie manipulation

In this lab this solution can work also and it's easier than the one in help...

Last updated: Nov 01, 2020 06:58PM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Page 3 of 63

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image