Burp Suite User Forum

Create new post

Import project file fails with Java error

I'm on Burp Suite Professional v2023.10.3.7 on Linux though this has been happening for awhile on older versions for me too. When I try to import project files, I receive a pop-up alert with the error message "An error...

Last updated: Dec 06, 2023 09:57AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

suspecting a small mistake in SSRF topic

To whom it may concern, while learning and completing SSRF academy labs, I came across the topic "SSRF with whitelist-based input filters" under "Circumventing common SSRF defenses", and I believe there might be a small...

Last updated: Dec 04, 2023 11:25AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

CSRF Labs Not Updating Solved Status

The CSRF labs seems buggy, I have tried all the labs, but non of them updates on successful "delivery of exploit to the victim". Following is a step-by-step breakdown, of what I am doing. 1. Login into my account 2. Add...

Last updated: Dec 04, 2023 10:59AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Repeatable bug in GUI (gui re-renders with shifting) when entering Min/Max/Step/etc values in Intruder

Burp Suite Professional v2023.10.3.6 Windows 10 22H2, GPU Titan X/Pascal on NVidia v546.17 drivers Default project/settings After triggering this bug, all GUI/any tab/any menu is broken and only Burp restart...

Last updated: Dec 04, 2023 10:19AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

In laboratory work, a request for a collaborator is not sent

In laboratory work: Lab: Reflected XSS protected by very strict CSP, with dangling markup attack, a request for a collaborator is not sent. I go to the exploit server and insert the appropriate script:...

Last updated: Dec 04, 2023 10:09AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Http protocols mismatch

I run Chrome via `chrome --disable-http2`, the development tool bar shows that the protocol is http 1.1, but burp shows the http 2.0 protocol. Screenshot: https://ibb.co/VJs16Xb Site url:...

Last updated: Dec 04, 2023 09:16AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp proxy cannot reach my local DVWA instance

Hi. I am experiencing a really weird issue. I cannot for the life of me, figure out why this is not working. It was working yesterday, but not today. I am running a instance of DVWA (Damn vulnerable Web app) using...

Last updated: Dec 03, 2023 08:57AM UTC | 2 Agent replies | 4 Community replies | Bug Reports

Injection of line break (\r\n) into :path pseudo header gets stripped

While doing the lab "Web cache poisoning via HTTP/2 request tunnelling" I've noticed that the \r\n bytes are getting stripped when issuing a request in Repeater. Confirmed this issue in the Logger: Intended :path value: /...

Last updated: Dec 01, 2023 02:38PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Burp possibly doesn't close HTTP2 gRPC connection gracefully

First of all, thank you for your great efforts to make HTTP2 available in Burp. I'm using Go gRPC example application named RouteGuide(https://github.com/grpc/grpc-go/tree/master/examples/route_guide) to check Burp can...

Last updated: Dec 01, 2023 10:37AM UTC | 8 Agent replies | 13 Community replies | Bug Reports

unintentional, tabs spamming the screen

whenever i use certain tabs like repeater, after a request interception wherever i move my cursor many of same tabs keep getting spammed into the screen making it unable to use...

Last updated: Dec 01, 2023 10:01AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Duplicate secret file in "Remote code execution via web shell upload"

Hello, In the File upload vulnerability lab "Remote code execution via web shell upload", there is a duplicate secret file in the "/home/carlos" folder. Both files have the exact same name and content (I didn't know that...

Last updated: Dec 01, 2023 09:41AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Rest API Internal Server Error

After a system reboot, the REST API suddenly stopped working. I'm using Burp Enterprise. I can still start scans via the GUI, but all the API calls that used to work result in a 500 Internal Server error. Also, when I go...

Last updated: Nov 30, 2023 05:11PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Mail address check problem

When I try to request free trial of Pro Version and type my actual email address correctly, it always shows an error "Please enter a valid business email address". It also didn't work with Gmail. It is really annoying, could...

Last updated: Nov 30, 2023 04:05PM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Burp repeater Request editor scrambles bytes when switching between Raw and Hex

Here is a minimal test case to reproduce the problem To reproduce: 1. Open repeater tab, and focus raw Request editor 2. Insert a new line 3. Insert the following Base64 string: /w== 3. Select the base64 string (4...

Last updated: Nov 30, 2023 02:23PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Issue with "Reflected XSS protected by very strict CSP, with dangling markup attack" lab

I hope this message finds you well. I wanted to bring to your attention an issue I encountered while working on the "Reflected XSS protected by very strict CSP, with dangling markup attack" lab. It seems that due to a recent...

Last updated: Nov 30, 2023 10:43AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp Suite Community Edition v2023.10.3.5 will not update itself

I have Burp Suite Community Edition v2023.10.3.5 and when I manually checked for updates I saw the following: An update is available. Version: Burp Suite Community Edition 2023.10.3.6 However, when I clicked on the...

Last updated: Nov 30, 2023 08:47AM UTC | 5 Agent replies | 4 Community replies | Bug Reports

Cannot access labs with Burp browser

I can log to Portswigger site but when I press Acess the lab, I have an error message: This site can’t be reached x.web-security-academy.net took too long to respond. ERR_TIMED_OUT Same things happened yesterday. I can...

Last updated: Nov 30, 2023 07:17AM UTC | 11 Agent replies | 18 Community replies | Bug Reports

Slow response time labs

Hi, I've noticed two labs having a very slow response time and sometimes causing a failed-to-connect error. It causes the labs to be nearly impossible to solve. The errors and slow response times have occurred in the...

Last updated: Nov 28, 2023 09:58AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Send to repeater failing

I can't reliably reproduce it but it seems that sometimes when sending requests to repeater from the proxy history they aren't populated correctly. This has occurred perhaps 4 or 5 times in a day of testing and speaking to...

Last updated: Nov 27, 2023 11:20AM UTC | 7 Agent replies | 9 Community replies | Bug Reports

No more activations allowed for this license

Hi!! Unfortunately I have had to reinstall my pc on several occasions and now when I try to install burp suite, I get the error "No more activations allowed for this license" Could you help me ? I need ASAP thank you very...

Last updated: Nov 27, 2023 08:31AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Page 4 of 139

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image