Bug Reports - Page 5 - Burp Suite User Forum

TE.CL smuggling labs - official solutions do not work

The following labs don't seem to work / work stably. https://portswigger.net/web-security/request-smuggling/lab-basic-te-cl https://portswigger.net/web-security/request-smuggling/lab-obfuscating-te-header To reproduce...

"discord.com" does not work with new Burp version

The Discord web app does not work with the new Burp versions anymore. If you go to the site and login/register, then try to open the web app (discord.com/app), it's stuck on connecting. This only started happening in...

A bug in BurpExtension that causes the response to be determined to have changed.

In BurpExteion IProxyListener(Legacy API) and ProxyResponseHandler (montoya API), Burp interprets the response as modified even though it is not. If you check the Burp history, you will see that the response "Original...

Labs Slow and Exploit Not Being Delivered to User

Working on CSRF labs - every page seems to take 20 seconds or so to load, and the deliver to victim button is not working. WHen i review the logs, I am the only IP to load the page.

M1 Mac error

I built an extension for someone that worked fine on the 2023.1.2 Burp Suite version on Windows 10 and 2017 Intel Macbook Pro but not on their M1 mac running 2023.1.2 version of Burp. Not sure what would be different, the...

Low labs performance

I'm getting slow responses (up to 20 seconds delay) when working at least with CSRF labs (haven't tried other labs yet), examples are: Dec 07 11:20:18 MSK...

I just installed burp suite but cannot scan due to machine health

When I check scanning machine details , I get license pending however I activated my license I was hoping somebody could kindly help me with this

Proxy issues when using curl, python, openssl s_client

Hi there, I'm having issues with Burp 2023.1.1 and 2023.1.2 on both the personal and community editions where the proxy works fine when using the builtin browser or mobile application, however when trying to replay previous...

Installer on Fedora 35 dispaly an empty red/rose dialog - no buttons...nothing

HGi, I downloaded the burpsuite_community_linux_v2023_1_2.sh, then I tried ./burpsuite_community_linux_v2023_1_2.sh as well as with sudo, I get a message indicating Unpacking JRE ... Starting Installer ... then a...

Burp 2023.1 - all HTTP responses show as edited

Hi, In Burp 2023.1, all HTTP responses show as edited and I can select between original response and edited response in the Proxy HTTP history. However, there are no differences when comparing the two, i.e. the response...

Scanner Stops Scanning

Scanner stops scanning when a request is made which times out. Watching the requests in Logger++, the comment field contains 'Timed out', but the 'completed' checkbox is not ticked. The scanner pauses. Pausing the scan...

In Burp suite V 2023.1 everywhere I click in the Request and Response fields or any field, a tab or space is added

Imagine there is this header in the Request field: Cookie: OptanonConsent= Assume that I clicked right next to "p" in OptanonConsent , burp adds either a space or tab so it becomes "Op tanonConsent" or "Op ...

Lab: DOM XSS in jQuery selector sink using a hashchange event

The solution for this doesn't solve the lab.

Burp Browser - Getting logged out & "The anti forgery check failed."

Hi I am doing the Portswigger Academy labs using the Browser in Burp Suite on Windows 10. This means I have to sign-in to the site from this browser. However, I am continuously being logged out and when I try to sign...

Copy as curl command in Burp Repeater doesnt include --compressed flag even if the request has Accept-Encoding: gzip, deflate

Hi Version: Burp Suite Professional v2022.12.25 Please note the "Copy as curl command" in Burp Repeater doesn't include --compressed flag even if the request has Accept-Encoding: gzip, deflate. The issue is that...