Burp Suite User Forum

Create new post

Can't click submit solution

Hey! I can't click submit solution in LAB: Exploiting cache server normalization for web cache deception. no change when i swipe over the button and nothing happens when i click it?

Last updated: Sep 25, 2024 07:43AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

JWT authentication bypass via kid header path traversal : 401 unauthorized

I followed the steps but still getting 401 unauthorized. Could you please check

Last updated: Sep 24, 2024 10:15AM UTC | 1 Agent replies | 2 Community replies | Bug Reports

Academy progress gone!

Hi, I completed the Apprentice (all 52/52) today and it showed the progress as Done but now it doesn't!

Last updated: Sep 24, 2024 10:09AM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Academy - Lab: Username enumeration via response timing - Unable to access usernames/passwords

Hello, In the Lab: Username enumeration via response timing, the list of candidate usernames/passwords is not accessible. In the lab, the below are not linked to anything, they seem to just be plain text. Candidate...

Last updated: Sep 24, 2024 08:06AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Burp Suite Fails to Load Default Wired Chrome Browser

Description: The default Wired Chrome browser does not load in Burp Suite. Environment: Application: Burp Suite Community Edition Version: 2024.7.6 Operating System: Ubuntu 24.04 LTS Installation...

Last updated: Sep 23, 2024 07:08AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp Suite Active Scan Crawling Issue

While crawling an application using the active scan, Burp's crawling status shows "network error" in the Crawl Path view tab. Burp Suite version 2024.7.5

Last updated: Sep 23, 2024 07:05AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Issues with academy

Hi, I am running into several issues with Burp Suite academy. From what I have seen, if I'm not doing something wrong, several labs are not being solved when they should be. Particularly, I have tried the 1st,3rd and 4th...

Last updated: Sep 21, 2024 09:25PM UTC | 0 Agent replies | 2 Community replies | Bug Reports

Target Tab missing from view tab

burp froze and i had to force quit it, upon opening it up again, my target tab was missing. tried restroing it from the view but its not in the list, also tried restoring defualt configuration. Nothing worked

Last updated: Sep 21, 2024 10:03AM UTC | 3 Agent replies | 6 Community replies | Bug Reports

Lab: HTTP request smuggling, basic TE.CL vulnerability

I am running through the labs again in prep to take the test. I think this lab has stopped working. Regardless of what I do, it does not seem like the backend is honoring the Content-Length header. I've tried multiple...

Last updated: Sep 20, 2024 10:25AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Install Script Leaks the java binary

The Download and Install Bash script for arm Linux when you install Professional Burp suite is leaks the java bin. -- output: └─$ bash burpsuite_pro_linux_arm64_v2024_7_6.sh > Unpacking JRE ... > Starting Installer...

Last updated: Sep 19, 2024 02:49PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Cannot set up Chromium DevTools overrides in embedded browser

When I open DevTools -> Sources -> Overrides and select a new folder for overrides, I get the prompt "DevTOols requests full access to [path...]". I click Allow, and then nothing happens. I do not have this issue with...

Last updated: Sep 19, 2024 09:07AM UTC | 6 Agent replies | 7 Community replies | Bug Reports

When I use the "show response in browser" the url does not work

Hi When I use this feature I receive a message : Unknown host : burpsuite the url is like "burpsuite:/repeat/3/epmnkg....." Would you please help me about this ? Thks

Last updated: Sep 18, 2024 08:56PM UTC | 6 Agent replies | 9 Community replies | Bug Reports

Lab: Exploiting a mass assignment vulnerability doesn't allow POST reqs

Hello, When trying to solve this lab following the given solution, after sending a POST /api/checkout request, I got a 400 Bad Request Error: {"error": "Malformed URL: query only supported with GET"}. Is this...

Last updated: Sep 18, 2024 07:19PM UTC | 3 Agent replies | 4 Community replies | Bug Reports

Vertically split UI extension not fully resizable

Hi there! We are running into a new issue since 2024.7.6 where as an example, the Authorize extension right panel isn't fully resizable. It appear that the UI will not resize smaller than the right most component on the...

Last updated: Sep 18, 2024 04:27PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Freeze on Screen Lock (macOS)

Burp Suite Pro seems to lock up every time my screen lock activates. This is Ventura 13.4 running on M2 silicon with v2024.3.1.3 When resuming, the only button that works is close and then the confirm dialog shows which...

Last updated: Sep 18, 2024 10:30AM UTC | 4 Agent replies | 4 Community replies | Bug Reports

"Blacklisted" responses in the WebSocket handshake manipulation lab

Hi, for some reason I started receiving an Unauthorized response during the lab "Manipulating the WebSocket handshake to exploit vulnerabilities" This only occurs at the /chat endpoint Request url (GET from...

Last updated: Sep 18, 2024 07:23AM UTC | 2 Agent replies | 3 Community replies | Bug Reports

CSRF Labs are buggy not working

Currently i'm trying to solve the CSRF labs. However, it seems that these are not working properly; It seems that the system doensn't work when you "deliver exloit to user". I know for a fact that the CSRF Payload is...

Last updated: Sep 18, 2024 06:28AM UTC | 6 Agent replies | 7 Community replies | Bug Reports

Lab: CSRF vulnerability with no defenses

Hello, going through the lab https://portswigger.net/web-security/csrf/lab-no-defenses, for some reason he does not solved. https://forum.portswigger.net/thread/lab-csrf-vulnerability-with-no-defenses-35a98ebd I had...

Last updated: Sep 18, 2024 03:51AM UTC | 5 Agent replies | 5 Community replies | Bug Reports

the Dashoard tab wasn't visible

the Dashoard tab wasn't visible for projects with crawl tasks started。

Last updated: Sep 17, 2024 01:30PM UTC | 6 Agent replies | 5 Community replies | Bug Reports

Burp Collaborator Problem

I have installed burpsuite and the cerification tested it and all works fine, I can intercept the HTTP&HTTPS requests, but the collaborator doesn't works. I have tried to made a normal get request from the browser to the...

Last updated: Sep 17, 2024 12:25PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Page 4 of 155

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image