Bug Reports - Page 5 - Burp Suite User Forum

CSRF lab not accepting my solution

I followed each and every steps of how I was directed in the video but still it shows some stuffs on top when I try to store or deliver expoloit or any buttons. Here it says " This is your server. You can use the form...

CSRF labs exploit server delivery doesn't work

Hello, In the past i solved these labs without any issue. Now i can't even "Solve" the easiest one, CSRF vulnerability with no defenses. If i view the exploit the mail updates. Delivering the exploit doesn't work, does...

LLM labs not working

I'm trying to solve LLM labs but the AI only show typing no matter commands I use. Try to refresh the page only gives me System: No chat history on record. I have try the lab with chrome and firefox. Even reconnect the...

Basic clickjacking with CSRF token protection

I'm having trouble with this lab. When I click on 'View exploit' I have the login page coming up, of course with no 'delete' button. I'm using Burp's browser Chromium and here's my script, of course I'm changing the lab Id...

Exploiting PHP deserialization with a pre-built gadget chain

Hello I have a problem with this lab, when I send my payload I got a next error: <div class="container"> <header class="navigation-header"> </header> <h4>Internal Server Error: Symfony...

There is a bug in Professional / Community 2024.7.6

When sending a message to the intruder, the message content will be automatically modified, resulting in the failure of the attack.For example, if there is JSON data in the request body, after sending it to the intruder, the...

Intruder results screen is blank, So frustuating

I work professional required burp intruder to work. This Burp professional never showing my intruder attacks ongoing or completed. I better off using community version, It works better. Refer:...

CORS vulnerability with basic origin reflection

Hi, I used all kinds of different browsers but the administrator user won't click or do any interaction to retrieve the api key. the script I used: <script> var req = new XMLHttpRequest(); req.onload =...

Several labs not completing even though exact steps were followed

I have been following the recommended learning path. I am now at a point within the XSS section (and onwards) where none of the labs are completing/solving, despite following the exact steps listed under the solution tab or...

[Montoya] ResponseReceivedAction.continueWith not updating response anymore

Hello, I've noticed that in Burpsuite Pro 2024.8.1 (early adopter) that a plugin I wrote a few months ago using the Montoya API stopped working correctly. High level the code looks like: HttpResponse httpResponse =...

Indirect prompt injection (LLM attacks), email doesn't delete with account

Hello, I've completed this lab in the past but when I tried again, I can't. I follow these steps: -I create an account using the supplied email -I ask Live Chat to change my email to test@example.com -I go to Live...

Clickjacking with form input data prefilled from a URL parameter Lab Not Solved

Hey The lab just dont get solved its realy frustrading XD <style> iframe...

Can't click submit solution

Hey! I can't click submit solution in LAB: Exploiting cache server normalization for web cache deception. no change when i swipe over the button and nothing happens when i click it?

JWT authentication bypass via kid header path traversal : 401 unauthorized

I followed the steps but still getting 401 unauthorized. Could you please check

Academy progress gone!

Hi, I completed the Apprentice (all 52/52) today and it showed the progress as Done but now it doesn't!

Academy - Lab: Username enumeration via response timing - Unable to access usernames/passwords

Hello, In the Lab: Username enumeration via response timing, the list of candidate usernames/passwords is not accessible. In the lab, the below are not linked to anything, they seem to just be plain text. Candidate...

Burp Suite Fails to Load Default Wired Chrome Browser

Description: The default Wired Chrome browser does not load in Burp Suite. Environment: Application: Burp Suite Community Edition Version: 2024.7.6 Operating System: Ubuntu 24.04 LTS Installation...

Burp Suite Active Scan Crawling Issue

While crawling an application using the active scan, Burp's crawling status shows "network error" in the Crawl Path view tab. Burp Suite version 2024.7.5

Issues with academy

Hi, I am running into several issues with Burp Suite academy. From what I have seen, if I'm not doing something wrong, several labs are not being solved when they should be. Particularly, I have tried the 1st,3rd and 4th...

Target Tab missing from view tab

burp froze and i had to force quit it, upon opening it up again, my target tab was missing. tried restroing it from the view but its not in the list, also tried restoring defualt configuration. Nothing worked