Bug Reports - Page 46 - Burp Suite User Forum

[Enterprise] Random scanning machine errors

Hi, We have recently deployed BurpEnterprise and I've been seen random errors in scanning machines. Our setup es the following: - BE server + posrgresql database is running in its own server (8 cores, 32GB ram) - 20...

Timeout waiting for stream allocation

Hi there, I can see all my requests in the HTTP Request tab, but they are not reaching the end server. All replies are from burp saying "Timeout waiting for stream allocation". I have tried to change the proxy port and...

Paste Outside of Burp 1.6.21 Not Working

Copy and paste works within the Burp interface. Once you try to paste something from Burp, for example a really long url, outside of the interface it does not work. You are also not able to copy and paste from outside the...

Burp Browser Options do not match those listed at in online help pages

https://portswigger.net/burp/documentation/desktop/scanning/crawl-options#burp-s-browser-options refers to options I cannot find on my installed Burp Proxy Professional 2023.1.1 (early adopter) running on Windows...

Selecting a smart card crashes Burp

Hi, some of my colleagues and I are experiencing an issue that crashes Burp Suite when selecting a smart card for client authentication with recent versions of Burp on Windows. (Windows 10, Burp Suite Professional...

Lab solved not marked as solved

Strange things happened - my previous thread was deleted recently but the problem persists. All 3 labs in Access Control part that require incognito window for solution are not marked as solved (I use built-in Chrome)....

Burp Suite was unable to capture packets successfully

Hi Burp Suite Security Team, My other web pages can be browsed normally and crawl traffic requests, but only one website cannot be viewed and will appear: Error - No response received from remote server. Error, I...

Huge project files when scanning

Hi, I'm using Burp Pro 1.7.33 and I noticed that the scanner is generating huge amounts of project data with no apparent reason. I'm talking about 1GB per minute more or less for a single scan which has the Burp...

Active Scanner ignores out-of-scope URLs when scanning

Annoyingly, the active scanner (I'm actually using Active Scanner ++) will continue to process URLs that I have explicitly listed as OUT OF SCOPE. I've added a Regex rule to exclude the following URL from scanning but the...

Basic clickjacking with CSRF token protection - Web Security Academy Lab

When viewing the exploit, I get the following error. "Resource not found - Academy Exploit Server" Here is the payload, I used in the body. <iframe...

Burp Does Not Redirect

The application I am testing uses SiteMinder for SSO, and this produces a redirect of the form... <HTML><HEAD><TITLE></TITLE></HEAD><BODY onLoad="document.AUTOSUBMIT.submit();">... <FORM NAME="AUTOSUBMIT" METHOD="POST"...

Wrong solution in WSA Expert lab XSS: Reflected XSS with AngularJS sandbox escape and CSP

Hello, in the WSA Lab titled 'Reflected XSS with AngularJS sandbox escape and CSP', the solution section is wrong because it suggests this...

DOM INVADER

Hello gentlemen, I am writing to ask you if it is possible that DOM INVADER gives me the possibility to launch the exploit but in the tab that opens the payload does not catch fire. Can DOM INVADER have false positives?

Cannot access http pages

Hi, I'm using the company laptop with system VPN and I don't know why I cannot access the http pages, even those in the lab environment such...

Activation

Hi, I had some problems with my machine and I had to format it a few times, but now when I managed to solve the problems my burp does not activate, it says that I have exceeded the number of activations allowed for my...

Upgrade Failed

Hello, We tried upgrading BurpSuite Enterprise Kubernetes setup with 'Enterprise Edition 2023.1' with helm chart. We observed that upgrade failed and we were not even able to login into UI. We had to reverse the...

Unknown_CA Error When proxying Android Traffic through Burp

Hello, I am using an Android Nexus 5x running Android Oreo 8.1 I have exported the Burp Certificate, converted it to the correct format and uploaded it in /system/etc/security/cacerts with the correct name and it is...

Install error with .Ink file

Hello, I cannot install BurpSuite and receive the following error: 'BurpSuiteCommunityEdition\BurpSuiteCommunityEdition.Ink Could not create this file.' Can anyone assist me with this issue?

Burp 2022.12.6 on Windows manipulates binary POST body data depending on the Content-Type request header

I've encountered this issue with two separate applications, but finally found a way to reproduce it. Burp v2022.12.6 on Windows 10 64bit, changes binary POST data, when sending manipulated requests. For example...

Burp suite pro 6 generating null pointer exception in console.

First I have observed that burpsuite_pro_v2022.12.6.jar is not invoking using mouse click. It is working fine when running using command prompt. But I am observing exception in console log... C:\Pentesting Tools>java...