Bug Reports - Page 3 - Burp Suite User Forum

Burp Suite can not close window

Burp Suite Pro Version v2022.8.5 MacOS Big Sur 11.7 Steps to reproduce: 1. Open a new window (Burp collaborator client / Intruder) 2. press the exit(x) button / close button 4. the window is not closed, but the...

Can't Connect my redmi 9c to proxy burp suite

Sometimes i cant connect to my burp suite with my phone, but sometimes connected, but sometimes without any proxy i enabled to connect to my burp suite.

every time i submit solution / solve a lab i get logged out

i am currently having an issue where every time i access a lab i am required to log in again as i keep getting logged out after i submit a solution to a lab. is there a way i can fix this? as from my settings i cant find...

screen redraw

At random times, the gui starts getting messy, the screen is redrawed several times whenever I move my mouse cursor image of problem: https://ibb.co/8N9D46k

Websockets dropping connection in latest verison

I am having an issue while intercepting traffic using WebSockets. I encountered this issue while using 2023.1.3 professional version of BurpSuite. Using the older version (from January) did not fix the issue. The...

Recursive Grep results are not used in the following request

Hi, I'm making my first steps with Burp and try using intruder for finding the password of an phpmyadmin interface. For that I use a pitchfork attack with a recursive grep to find the session_id and the token....

Getting MOZILLA_PKIX_ERROR_MITM_DETECTED when trying to run burp.

Got this error out of nowhere as I had been running burp regularly on firefox without issues earlier in the day. I ran into the same problem on chrome as well. I have deleted the certificate, cleared the cache, unistalled...

Host header fuzzing does not work

Hi! Using Burp Suite Pro v2023.1.3 Using Intruder to fuzz Host header value with UTF-8 chars, however in the results screen (Request) see that I'm sending only original header value (confirmed via same server response...

Broken Extensions preferences since burpsuite_pro_v2023.1.2

Hello, Since burpsuite_pro_v2023.1.2 the extensions cannot load their previous preferences. The extensions load/save the preferences by the following APIs: - loadExtensionSetting(name) - saveExtensionSetting(name,...

Username enumeration via response timing (Authentication) -> X-Forwarded-For

Hello, While working on username enumeration via response timing lab, I used HTTP header "X-Forwarded-For" to spoof my IP address in order to bypass the IP-based brute-force protection with Repeater but I kept getting...

Academy Path Traversal Labs Not Working as Intended?

I'm having a nice time working through the academy labs. I've just started working through the path traversal labs where the focus is getting the server to load the /etc/passwd file. I've completed both the "File path...

Blocked by Cloudflare Gateway

Hello, I was starting the "Lab: Basic password reset poisoning". I clicked on the "Go to exploit server" button and was greeted with a black screen and the words "Access restricted This site is blocked. Please...

Built in Chromium browser crashes after computer goes into sleep

On Windows 11 every time the computer goes into sleep mode the built in Chromium browser crashes. When opened again it shows a message that the browser was not closed properly and if I want to restore the session.

Scanner appears to audit URL received in 302 response

Greetings, I am using V2023.1.2 on an engagement and am having strange behavior using Scanner. I have set the scanner to audit only and provided a single URL to audit. The audit performs some number of requests to the...

Kerberos

When I try to use the Kerberos Authentication I get the message: Connected to port 88, but failed to contact Kerberos service: No LoginModule found for com.sun.security.auth.module.Krb5LoginModule Can you help?

Mixed results in intruder attack

Hi, Iam using Burp Pro version 2023.2.1 19050 (Early Adopter). I have found that when I have two intruder attacks running at the same time (using same resource pool), I get mixed results from both of these intruder...

Burp Pro 2023.1.2 does not honor disabling HTTP2

As of version 2023.1.2, the tool does not honor `Project Options -> HTTP -> HTTP/2` settings allowing only HTTP/2 requests if server supports it. Version 2022.12.7 works as expected Thanks for any response bodik

CSRF Labs are buggy not working

Currently i'm trying to solve the CSRF labs. However, it seems that these are not working properly; It seems that the system doensn't work when you "deliver exloit to user". I know for a fact that the CSRF Payload is...

Issue activity tab doesn't list all issues detected in audit items tab

Burp Pro: v2012.1.2 After starting a scan for a specific target, approximately 20K requests and few hours later, if we check Audit Items tab for this specific scan, we can see quite a few issues in "Issues"...

Can no longer intercept Iphone requests (Apps and browsers) : 403 remote host terminated the handshake

I started having this issue 4 days ago, before that i had no trouble intercept requests from my iPhone. Device: - Iphone X: with Full Trust CA enabled - Burpsuite install on both MacOS and Windows machine - Burpsuite...