Burp Suite User Forum

Login to post

TE.CL smuggling labs - official solutions do not work

The following labs don't seem to work / work stably. https://portswigger.net/web-security/request-smuggling/lab-basic-te-cl https://portswigger.net/web-security/request-smuggling/lab-obfuscating-te-header To reproduce...

Last updated: Feb 15, 2023 08:49AM UTC | 1 Agent replies | 2 Community replies | Bug Reports

"discord.com" does not work with new Burp version

The Discord web app does not work with the new Burp versions anymore. If you go to the site and login/register, then try to open the web app (discord.com/app), it's stuck on connecting. This only started happening in...

Last updated: Feb 14, 2023 03:55PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

A bug in BurpExtension that causes the response to be determined to have changed.

In BurpExteion IProxyListener(Legacy API) and ProxyResponseHandler (montoya API), Burp interprets the response as modified even though it is not. If you check the Burp history, you will see that the response "Original...

Last updated: Feb 13, 2023 02:39PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Labs Slow and Exploit Not Being Delivered to User

Working on CSRF labs - every page seems to take 20 seconds or so to load, and the deliver to victim button is not working. WHen i review the logs, I am the only IP to load the page.

Last updated: Feb 13, 2023 10:46AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

M1 Mac error

I built an extension for someone that worked fine on the 2023.1.2 Burp Suite version on Windows 10 and 2017 Intel Macbook Pro but not on their M1 mac running 2023.1.2 version of Burp. Not sure what would be different, the...

Last updated: Feb 13, 2023 10:25AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Low labs performance

I'm getting slow responses (up to 20 seconds delay) when working at least with CSRF labs (haven't tried other labs yet), examples are: Dec 07 11:20:18 MSK...

Last updated: Feb 13, 2023 09:44AM UTC | 5 Agent replies | 4 Community replies | Bug Reports

I just installed burp suite but cannot scan due to machine health

When I check scanning machine details , I get license pending however I activated my license I was hoping somebody could kindly help me with this

Last updated: Feb 13, 2023 08:37AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Proxy issues when using curl, python, openssl s_client

Hi there, I'm having issues with Burp 2023.1.1 and 2023.1.2 on both the personal and community editions where the proxy works fine when using the builtin browser or mobile application, however when trying to replay previous...

Last updated: Feb 13, 2023 06:46AM UTC | 0 Agent replies | 2 Community replies | Bug Reports

Installer on Fedora 35 dispaly an empty red/rose dialog - no buttons...nothing

HGi, I downloaded the burpsuite_community_linux_v2023_1_2.sh, then I tried ./burpsuite_community_linux_v2023_1_2.sh as well as with sudo, I get a message indicating Unpacking JRE ... Starting Installer ... then a...

Last updated: Feb 10, 2023 04:17PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp 2023.1 - all HTTP responses show as edited

Hi, In Burp 2023.1, all HTTP responses show as edited and I can select between original response and edited response in the Proxy HTTP history. However, there are no differences when comparing the two, i.e. the response...

Last updated: Feb 10, 2023 09:04AM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Scanner Stops Scanning

Scanner stops scanning when a request is made which times out. Watching the requests in Logger++, the comment field contains 'Timed out', but the 'completed' checkbox is not ticked. The scanner pauses. Pausing the scan...

Last updated: Feb 09, 2023 09:04PM UTC | 4 Agent replies | 7 Community replies | Bug Reports

In Burp suite V 2023.1 everywhere I click in the Request and Response fields or any field, a tab or space is added

Imagine there is this header in the Request field: Cookie: OptanonConsent= Assume that I clicked right next to "p" in OptanonConsent , burp adds either a space or tab so it becomes "Op tanonConsent" or "Op ...

Last updated: Feb 09, 2023 09:45AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Lab: DOM XSS in jQuery selector sink using a hashchange event

The solution for this doesn't solve the lab.

Last updated: Feb 09, 2023 09:20AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Burp Browser - Getting logged out & "The anti forgery check failed."

Hi I am doing the Portswigger Academy labs using the Browser in Burp Suite on Windows 10. This means I have to sign-in to the site from this browser. However, I am continuously being logged out and when I try to sign...

Last updated: Feb 08, 2023 05:23PM UTC | 1 Agent replies | 3 Community replies | Bug Reports

Copy as curl command in Burp Repeater doesnt include --compressed flag even if the request has Accept-Encoding: gzip, deflate

Hi Version: Burp Suite Professional v2022.12.25 Please note the "Copy as curl command" in Burp Repeater doesn't include --compressed flag even if the request has Accept-Encoding: gzip, deflate. The issue is that...

Last updated: Feb 08, 2023 03:48PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Link Manipulation (DOM-based)

Hi. I'm getting the following Link Manipulation alert that I'd like to make sense of: Data is read from location.href and passed to element.setAttribute.href. The following value was injected into the...

Last updated: Feb 08, 2023 02:49PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Do not validate the XSS lab

Hello the Lab: "Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes and backslash escaped" do not validate even with correct payloads. It trigger the alert() but nothing...

Last updated: Feb 08, 2023 12:00PM UTC | 0 Agent replies | 1 Community replies | Bug Reports

Burp is unable to login using recorded sequence as well as when I use creds it says did not find login form

Hi Team, I am trying to scan web app using enterprise edition, but while login scanner fails both with recorded login as well as using creds. With recorded login it says unable to find ./div/ some error message and with...

Last updated: Feb 08, 2023 09:26AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Getting minified react error #152 after logging in

I am trying to log in to my burp suite enterprise edition account. The login page appears fine, after logging in with the credentials, I get the following error:- Whoops - something bad happened Error: Minified React...

Last updated: Feb 07, 2023 11:09AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

[Enterprise] Random scanning machine errors

Hi, We have recently deployed BurpEnterprise and I've been seen random errors in scanning machines. Our setup es the following: - BE server + posrgresql database is running in its own server (8 cores, 32GB ram) - 20...

Last updated: Feb 06, 2023 02:36PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Page 5 of 121

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image