Bug Reports - Page 47 - Burp Suite User Forum

the lab could not be started in a timely manner

Apologies, the lab could not be started in a timely manner. Please try again or contact us if the problem persists. I have tried in different browsers but iti is not working

log4j2 vulnerability for Burp Suite Enterprise Edition Version: 2022.11-11262, Java version: 17.0.5

Hi, Our company is using Burp Suite Enterprise Edition Version: 2022.11-11262, Java version: 17.0.5. Could you please clarify if is this version or Burp Suite Enterprise affected by newly discovered log4j vulnerability....

Lab not getting marked as solved: Reflected XSS into HTML context with most tags and attributes blocked

After submitting the payload in the exploit server exactly as the lab answer specifies, the lab is still not getting marked as complete. I even tested it using "view exploit" which executes the xss, but delivering the...

mouse click ignored

Hello, I can't click any button, including installer; It seems like mouse click is ignored :( I'm using macOS high sierra, and burp professional version 2.1.03. Is there any solution for this? Thanks!

mystery labs "solved labs only" filter broken

When doing mystery labs with the "solved labs only" feature enabled, I recieved two expert level labs despite having never solved any expert level labs. Is anyone else experiencing this issue?

HELP WITH XSS and BURPSUITE!!!

Hello everyone, hope u are all great... I am having trouble replicating an issue that burp alerts too.. I have a reflected xss works fine in burp but is not reproducible in the browser due to modern browsers encoding input...

Reflected XSS in a JavaScript URL with some characters blocked - unintentional xss

Hi team, not sure if labs are built with only one particular and intended vulnerability per lab but in "Reflected XSS in a JavaScript URL with some characters blocked" there is other xss not related to the theme/scope of...

Blocked From Accessing Websites

Access to a numerous number of websites is blocked using the built in browser (Chromium), for example: https://nevion.com Can you detect what's the problem with the browser and fix it?

Android Apps crashing when trying to capture traffic using burp Suit Community Edition

Hello guys, I am having some issues when trying to capture traffic from an android emulator (NOX PLAYER), I installed the certificate in the system path (/system/etc/security/cacerts),etc etc...my issue comes when I try...

Certificate does not show up in Settings > General > About > Certificate Trust Settings on iOS

I am trying to capture traffic from my iOS device. I have successfully set the Proxy server in the Wi-Fi settings, downloaded the certificate from http://burp and imported it into General -> VPN & Device Management. However,...

Possible unintended behaviour in "SameSite Lax bypass via cookie refresh" lab

Lab: SameSite Lax bypass via cookie refresh: https://portswigger.net/web-security/csrf/bypassing-samesite-restrictions/lab-samesite-strict-bypass-via-cookie-refresh Hi, While solving this lab, I happened to notice that...

burpsuite not running

I have been trying to badly to search for a way to fix this issue, I cannot open burpsuite from the menu nor can I open it from the terminal. every time I try to open burpsuite from the terminal I am only left with "invalid...

JWT Editor Keys extension not working properly

Hello, I'm not able to Modify/Sign/Verify jwts with the JWT editor Keys extension. Buttons just can't be clicked. Can you explain why? Here's a screenshoot: https://ibb.co/tbRkRHK

burp 2022.12.5 can't use browser

I click "Open browser" buttom to open browser, then negative to url anything then got the message alert Title : Burp Browser Error Content : net.portswigger.browser.yh: Timeout expired while waiting for response to...

Burp Enterprise services won't start after install

When I install Burpsuite Enterprise or an agent, de services are created, but can't be started. Nor by the installer or manually afterwards. Instead there is a faillure like: # systemctl status...

BurpSuite Browser Built In Browser isn't launching

I'm currently using BurpSuite community on Kali Linux. When clicking open browser I receive this error message: "net.portswigger.devtools.client.impl.connection.local.f: Failed to read dev tools web socket" When I run a...

Web Cache poisoning: URL normalization lab can be solved as basic XSS lab

Hello, Wanted to inform you that when you submit this URL payload: `https://YOUR-LAB-ID.web-security-academy.net/post/comment/confirmation?test=g&postId=%22%3E%3C/a%3E%3Cscript%3Ealert(1)%3C/script%3E` It validates...

Web Security Academy Labs

The more labs I complete, the more labs I need to complete to become an Apprentice. Seriously. The counter displaying how many labs I need to complete increases by one for every lab I complete.

Cannot Re-take Practice Exam

I am unable to re-take the practice exam. When I try, the site says its building the web application but when I click the link to begin the exam, I get the error message below telling me I need to retry. If I click Try...

Browser

When I have interceptor turned on the browser acts as expected. And then when I turn off interceptor the browser still acts as though it's on it seems. Like it doesn't open the web page. It does this even if I'm using it to...