Bug Reports - Page 43 - Burp Suite User Forum

BurpSuite Professional on Kali (ARM) running on MacBook Pro with M1 processor

Hello, I am trying to run my BurpSuite Professional licensed version on a MacBook Pro with M1 processor but I receive error: Unpacking JRE ... Starting Installer ... ./burpsuitepro.sh: 598:...

Burp 2.0.14 install4j error.log

I get an error.log generated when using the Burp 2.0.14 Windows 64-bit installer. Looks like this happened because the included JRE got updated to Java 11. java.lang.NoClassDefFoundError: sun/misc/Unsafe at...

Lab: CL-TE request smuggling lab is not working with the official solution.

The HTTP request: POST / HTTP/2 Host: 0ac000af04eed935c3233d650017001f.web-security-academy.net Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 8 Transfer-Encoding:...

Visiting a site that is using HTTP/2 and can't connect

Error Could not create new HTTP/2 connection The above is all I receive. I looked in logger to see if more information is available, and it is not. I'm able to connect to other sites that use HTTP/2, just not this...

License Missing

Due to the recent changes to licensing, my MD had to issue the Burp Pro licenses to individual accounts. I got the email telling me my MD had shared the license with me and to login and download it however the license...

Web Security Academy -> SQL Injection -> SQL injection attack, listing the database contents on Oracle

So far all the SQL query i ran work and dont have any error but when i am about to display the column name it doesn't have any out put on the page. this is my query : ' UNION SELECT column_name, NULL FROM all_tab_columns...

CSRF vulnerability with no defenses -> not solved but exploit works

Hi, i'm trying to solve the lab, also the lab "CSRF where token validation depends on request method" in both labs the exploit works for me and i can change the mail. But the page with only the submit button does not occur...

Web Security Bug - Lab: Username enumeration via account lock

Hello, This lab requires user enumeration via account lock, account lock is obtained after 3 failed login attempts. After we enumerate the valid username from wordlist, we should brute-force the password. I used burp...

Web Security Academy -> Insecure deserialization -> Some labs don't work

Hello, I'm just in the middle of your great academy and I found out that some labs in the insecure deserialization part doesn't work. Specifically: Lab: Using application functionality to exploit insecure...

You do not have any licenses.

Hello, I payed for a PRO licence, but on "my account" page, it says "You do not have any licenses.". How am I supposed to get my licence ? Thanks.

burp's browser doesn't work

Hi, im trying open burp's browser but i get error message Burp's Browser Health Check: Initiating health check Checking platform supported Success Checking browser binaries Success Checking headless...

Reflected XSS into HTML context with all tags blocked except custom ones

ello, I tried copying and pasting the solution, replacing the LAB ID, which in my case from the link https://exploit-0a2e00f604bd5197c065ff3c01aa00ea.exploit-server.net/exploit was...

Connection to upstream proxy fails when "Crawl using my provided logins only" is disabled.

Burp Enterprise Version: 2023.1 Build: 11718 Scanner version: 2023.1.3 Database: postgres Database version: 12.11 Kubernetes install. Bug description: We must use an upstream proxy for egress in order to be...

Headless BurpPro in Docker requires X11

Hi, I am trying to run Burp Pro within Docker using the following startup command: /usr/lib/jvm/jdk-17/bin/java -Djava.awt.headless=true -jar /home/user/burpsuite_pro.jar --data-dir=/home/user/...

Burp Suite can not close window

Burp Suite Pro Version v2022.8.5 MacOS Big Sur 11.7 Steps to reproduce: 1. Open a new window (Burp collaborator client / Intruder) 2. press the exit(x) button / close button 4. the window is not closed, but the...

Can't Connect my redmi 9c to proxy burp suite

Sometimes i cant connect to my burp suite with my phone, but sometimes connected, but sometimes without any proxy i enabled to connect to my burp suite.

every time i submit solution / solve a lab i get logged out

i am currently having an issue where every time i access a lab i am required to log in again as i keep getting logged out after i submit a solution to a lab. is there a way i can fix this? as from my settings i cant find...

screen redraw

At random times, the gui starts getting messy, the screen is redrawed several times whenever I move my mouse cursor image of problem: https://ibb.co/8N9D46k

Websockets dropping connection in latest verison

I am having an issue while intercepting traffic using WebSockets. I encountered this issue while using 2023.1.3 professional version of BurpSuite. Using the older version (from January) did not fix the issue. The...

Recursive Grep results are not used in the following request

Hi, I'm making my first steps with Burp and try using intruder for finding the password of an phpmyadmin interface. For that I use a pitchfork attack with a recursive grep to find the session_id and the token....