Bug Reports - Page 49 - Burp Suite User Forum

Burp Enterprise older JRE version

Hello, We're currently running the latest version of burp enterprise and have set it to automatic update. We've scans indicating the agent and the enterprise installations making use of older JRE version 1.9.0_4....

License is not valid after upgrade

Hello, I upgraded burp suite and then it asked license again. I provided the previous license but still required to activate manually. Can you help me ? Thank you

HTML Render Tab Does Not Render HTML Response

I have an issue where the Render tab in the Response section is not rendering the HTML content. I just receive a blank page. However when view the HTML source in the HTML tab, there is HTML content.

Downloading license file

Hi, I have the burp license extended 1-2 days ago. When I try to download the license file through the panel, it will not work. However, software download has no problem. Could you please check if everything is OK with...

anti forgery check fail

I am not able to log in or even reset my password on chrome. it is giving some kind of error as anti forgery check fails. The following are the message that I am seeing. The anti forgery check failed. This could happen if...

Match and Replace strange behaviour

Hi everyone, I'm using the "Match and Replace" functionality to change the host header of an HTTP request. The problem is that even if I change the Host header, the request goes to the old Host header. This is...

proxy bug in Community edition (almost latest versions)

Hello, I am a fan of Burp! I am using Burp suite Community Edition, and I found a bug in proxy module. Bug is below: In HTTP header, i had a field with name "APP_TYPE", when i intercept the request with burp-proxy, the...

Lab: Username enumeration via account lock

i repeatedly tried to sole the lab with the exact solution. however, the password list provided does not generate any differences in response times. all settings are the same as the solutions and community solutions. am...

burp license reactication

Hi, we're using a 4-users license. One of my colleague is prompted to reactivate the license. She's trying manual activation, the activation request is produced but the response says "An error occured". Please help us to...

burp Licenses

Hello, my computer is reinstalled. Burp needs s to be reactivated. But prompt me · fail, help me reactivate the license, thank you

Update broke burp

Hello I have been using the community edition, but the update seemed to have broken it. I got a correct solution for a lab, but it didn't update. I checked the proxy setting already.

Automate Burp scans using Carbonator extension

Hello, since two days I try to implement the automatic scan of burp with carbonator, here is the output that the terminal displays : Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true Your JRE...

Exploiting Ruby deserialization using a documented gadget chain

Hey I got another problem with deserialization lab. I generate payload with this exploit https://github.com/j4k0m/Ruby2.x-RCE-Deserialization/blob/main/generator.rb, it's similar which you provide in lab solution link...

burpsuite embedded broswer doesn't work

I tried to use burpsuite embedded broswer but it didn't work, and I used health check, it shows: ELF /:not found Syntax error:

can't access academy labs

hi guys I've been trying to access the labs for a few hours now but they are really sluggish and most of the times they won't even load. I can access other sites but anything on portswigger seems to be a 50/50. any solutions...

burpsuite issues over VNC connection

Hello! I've run into a peculiar issue and wondering if anyone else has overcome it - when running burpsuite over my VNC connection (my primary access method) the burpsuite windows show up as pink and do not display content....

typo in academy example for TE.CL vulnerability?

In this learning material page: https://portswigger.net/web-security/request-smuggling#te-cl-vulnerabilities is the next example shown: ---------------------------------------- POST / HTTP/1.1 Host:...

Two session handling rules with "check session is valid"

I am using two session handling rules. The first to keep the session authenticated and the second to update the CSRF token. It seems that when the first rules evaluates the session as valid, the subsequent rule will not...

repeater bug

Now I don't know the function of target in repeater. I fill in the content of 'host' in the target casually, and I can still send data normally. The repeater now determines the direction of sending data according to the...

Could not start Burp: java.lang.NullPointerException

Hello, I was trying to install burpsuite (community and pro) on Archlinux (tried several... arch, manjaro and blackarch) and all of them run the same problem. The only message I got is: Could not start Burp:...