Bug Reports - Page 38 - Burp Suite User Forum

SQLi Lab for login bypass not working

Hello, as many times as i type administrator’— this solution just does not seem to be working. I’ve tried spelling it differently etc. but I just get notified that it is an “invalid username or password” Thanks

ToolType.valueOf No enum Constant

Hi, I get the following error when trying to use the valueOf() method of ToolType: No enum constant burp.api.montoya.core.ToolType.Scanner With the following code: ToolType.valueOf("Scanner"); I get the...

Lab: Cache key injection

Hi, it seems that this lab can be solved without key injection, simply by caching this at the redirect: GET /login?lang=en?utm_content='/><script>alert(1)</script><' HTTP/1.1 Host:...

Burp hotkey not working

Hey I installed the last version v2023.4.4, and the Hot key not response... for example: Ctrl + Shift + B or Ctrl + Shift + U and others... I checked the Hotkeys in Burp settings and they are exist, even if i tried to...

HTTP Request Smuggling Extension Can't Be Used After Last Update

Hello, Before attempting the BSCP exam, I updated Burp on my MacBook, and I found out that I could not use the 'HTTP Request Smuggling' extension. This occurred because, after opening the extension, the UI took almost the...

Web Cache Poisoning Lab Hanging Response

I'm currently attempting the following lab: Lab: Targeted web cache poisoning using an unknown header The steps I have currently done: 1. Intercepted a GET / HTTP/1.1 request to the lab URL 2. Sent the intercepted...

Active Scans halt indefinitely for no apparent reason

Hi, it happens from time to time that active scans halt for no known reason. Status of the "running" scan configuration is set to "Currently auditing [...]" and no new requests are being made (request counter is not...

Burp Collaborator can't be removed

Hi, I'm not sure whether there are other plugins having the same issue. I personally have only experienced this with the Collaborator Everywhere plugin. Unloading and removing this extension in the "Extensions" tab somehow...

The embedded browser don't open

I see this issue when i'm attempting to use the lab, it shows this message: "Burp browser error".

IBurpExtenderCallbacks#getToolName returns NULL

The burpsuite 2.0beta and 2.0.01beta returns NULL when `IBurpExtenderCallbacks#getToolName` is invoked with the value `IBurpExtenderCallbacks#TOOL_SPIDER` of variable toolFlag. How to reproduce: Please load this Python...

A problem with the license.

Hello. Something happened to the license at info@sm-hub.com ? The activation dropped on all accounts connected to the internet.

Activation Error

Hi everyone! When opening Burp Suite Professional today our instances consistently crashed. After restarting the license activation window opened. However our license (which is still valid for about half a year) was...

Activation Failure

Two out of five of my activated Burp Suite Pro instances have been deactivated, and when attempting to reactivate them, I encounter an "Activation Failed" error.

Burp Collaborator Default Servers Showing SSL Issue

Hi folks, When I (and other colleagues) run "Health Check" for Burp Collaborator on v2023.4.3 we are getting a significant amount of errors rendering Default Collaborator not functional. Is this a known issue affecting...

No category "Gifts" on website

The lab revolves around a SQL injection on the category "Gifts", but there is none. https://portswigger.net/web-security/sql-injection/lab-retrieve-hidden-data

Лабораторная работа: контрабанда HTTP-запросов, базовая TE.CL уязвимость

I tried to solve it myself several times, then your decision, and then as in the video. Nothing helps

No more activations allowed

Hi Team, I am trying to reactivate my Burp Pro license several times on my different machines due to environmental issues. I unable to reactivate as I am getting "No more activations allowed for this license" message....

Lab Bug

I am facing trouble with 'Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft' lab. Firstly, somehow lab asks me to 'Make the database retrieve the string: '8.0.32-0ubuntu0.20.04.2'' when...

Workaround for Java errors opening Burp on a secondary display on Linux

I encountered this and worked through it before I could blame Burp, so I want to post about it here for search-engine happiness. Using openjdk-17 on Linux with multiple monitors, Burp will start just fine on the first...

TE.CL smuggling labs - official solutions do not work

The following labs don't seem to work / work stably. https://portswigger.net/web-security/request-smuggling/lab-basic-te-cl https://portswigger.net/web-security/request-smuggling/lab-obfuscating-te-header To reproduce...