Burp Suite User Forum
Hi @burp_fans I stumbled upon an "issue" with the file upload vulnerability labs (e.g. [1], but it is the same for all file upload labs I have tried so far): I manage to upload a webshell with...
hi , in the Lab: Routing-based SSRF you asked for the user to delete Carlos whit capital letter . but there is no "Carlos" to delete , only "carlos".
Hello, I am currently facing an issue in the "Inconsistent handling of exceptional input" lab. After registering an account, I should be able to see my email address on /my-account page but it's not the case. Also I...
In the last lines of chapter 2 of Stored XSS section (Impact of stored XSS attacks) it says "In contrast, if the XSS is stored, then the user is guaranteed to be logged in at the time they encounter the exploit." Is this...
Hi, I'd like to raise a very interesting problem. We are currently running a on-prem Collaborator which is only available over our VPN. Everything worked fine until version 2022.05. Then users experienced following...
using jre 17.0.5 on kali It worked fine yesterday, suddenly im getting this error on root: "devtools.client.n:refusing to start browser as your configuration does not support running without sandbox" on non root using...
Hi, I see a problem with the update of the state of the laboratories that I finished correctly. They are randomly shown as unsolved. It is happening to me in SQLi and JWT attacks. Thank
Hey I have tried installing the previous versions of Burpsuite community edition and it wont start downloading.This is happening for all the previous releases which contains the Windows(64 bit) version. However the Pro...
I have a VM with Linux distro on it and I installed Burp community and the first thing I did was select the open browser button from the proxy tab, it did not open. I then configured settings like my safari browser settings...
Hi team, When I initiate a connection check on BSE, the UI display with error "Unable to perform connection check We were unable to perform a connection check for your site. Please check that your scanning machines are...
Sorry for writing here. I am in the exam and have done 5 labs. I had a session token of a user and got more permissions by extending the permissions. Then all suddenly my session stopped working and the session token, no...
The lab(Subject line) does not put output after trying multiple payloads even interesting is the fact that the solution provided also does not work as a solution. Have been stuck and here. The lab is : SQL injection attack,...
Burp jar - burpsuite_community_v2020.5/Windows 10 Pro/Open JDK Latest version, In repeater cursor is not following entered chars after 5/6 letters. This is happening only in executable jar version & not in installation...
Hi, I am having an issue where Burpsuite will not bind to any port on localhost e.g. 127.0.0.1:8080,9999 etc. OS: Windows 10 Browser: Firefox Error message: 'Error "Failed to start proxy server on 127.0.0.01:<ANY PORT...
Hi, Basically as the title says I have done the lab for "Web cache poisoning with an unkeyed header" and succeeded in getting the alert box to pop up in my browser. However despite this no matter what I do the lab itself...
Hi We have deployed burp suite enterprise edition on GKE and run an automated schedule on weekly basis. Can you please let us know how to fix below error mainly due to "browser crashing" which fails whole scan ?...
I have an interesting "bug" for you. I was testing a website that set a session cookie upon login. When logging out, the application set the session cookie to '""' (i.e. two double quotes) rather than an empty...
I am using burpsuite professional at my work and testing the client web application. I am facing problem with burp v2021.8.3 which is failing coz of CORS failure. I am getting the response from application in proxy but...
I am sorry, I am new to BurpSuite and am trying to use the Community edition on Windows/10 64bit. I am on the "Proxy" tab and have "Intercept is on". When I click the "Open browser" I get this error message: Burp...
Hi there, there is a problem with the feature 'User Options>TLS>Client TLS Certificates>Hardware token or smart card. The feature only seems to support "legacy" fat pcsc driver implementations, whereas most modern pcsc...
Page 37 of 143
Your source for help and advice on all things Burp-related.