Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Passive scan sends requests

I'm using Burp Suite Professional v2022.2.4 (issue identified both in Linux and Windows installer version). When I right click on a Target in the Site map and use the option "Passively scan this host" multiple requests...

Last updated: Apr 11, 2022 08:07AM UTC | 3 Agent replies | 2 Community replies | Bug Reports

the lab could not be started in a timely manner

Hello, Everytime I start a lab, I get the following message and it doesn't start Apologies, the lab could not be started in a timely manner. Please try again or contact us if the problem persists.

Last updated: Apr 11, 2022 07:29AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Business logic vulnerabilities

Hello, On the Business Logic Vulnerabilities labs, when I register an account and try to log in with that account, I keep receiving an "Invalid username and password." message. For example, in the Inconsistent security...

Last updated: Apr 08, 2022 03:13PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Password Reset Broken Logic Lab

The walkthrough and video for this lab are for "Password Reset Broken Logic", but the lab does not have a password reset link? It looks like an email reset vulnerability. Please advise :)

Last updated: Apr 07, 2022 07:47PM UTC | 0 Agent replies | 1 Community replies | Bug Reports

DNS resolution failing for Burp Collaborator FQDNs

Hello, i'm experiencing issues with the DNS resolution of Burp Collaborator FQDNs: > host wee9mi6974jyv6h5tayvi4tv8med22.burpcollaborator.net Host wee9mi6974jyv6h5tayvi4tv8med22.burpcollaborator.net not found:...

Last updated: Apr 07, 2022 02:16PM UTC | 3 Agent replies | 3 Community replies | Bug Reports

Labs don't load

I have tried accessing these labs: 1-https://portswigger.net/web-security/file-path-traversal/lab-absolute-path-bypass And I am not redirected instead I get this message: Apologies, the lab could not be started in a...

Last updated: Apr 07, 2022 12:27PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Java version 11.0.10 - Multiple Vulnerabilities

Hi, Yesterday I installed a fresh copy of Enterprise Edition 2021.11. Overnight it was scanned by Nessus which is reporting... -------------------------------------------------------------------------------- Oracle...

Last updated: Apr 07, 2022 09:36AM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Apologies, the lab could not be started in a timely manner. Please try again or contact us if the problem persists.

Hello Burp Suite, When i try to access any labs ,it always shows " Apologies, the lab could not be started in a timely manner. Please try again or contact us if the problem persists." Please help me to access the lab

Last updated: Apr 07, 2022 06:44AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Lab: Reflected XSS protected by very strict CSP, with dangling markup attack - attack successful but not marked as solved

Hi there, First of all thanks so much for the awesome web security academy. I've done many of the labs without problem but strangely with the captioned lab, it just doesn't seem to recognize the fact that my attack was...

Last updated: Apr 06, 2022 02:26PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Unable to load PKCS11 library when Java 17 is used

Burp 2021.10.2 fails to load opensc-pkcs11.so library when configuring Client TLS Certificate with Java 17.0.1. Error message reads: "Unable to load library - check file is correct and device is installed." It works fine...

Last updated: Apr 05, 2022 12:29PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Full server response not showing in 'Define Custom Parameter'

Hi - I'm trying to use the Macro Editor's "Define Custom Parameter" function to pull a JWT out of a server response, but the response viewer in the DCP window does not show the entire response. The viewer's display width...

Last updated: Apr 05, 2022 10:55AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

"Targeted web cache poisoning using an unknown header" seems broken

Hi there, I've attempted the <insert subject> lab 2 times. After peeking at the solution it was clear that what I was doing is correct. I leak the User-Agent (tried both collaborator and exploit-server) and I poison the...

Last updated: Apr 04, 2022 10:03AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Burp Pro fails to launch

# # A fatal error has been detected by the Java Runtime Environment: # # SIGSEGV (0xb) at pc=0x00007f18fc1c5b0e, pid=6362, tid=6421 # # JRE version: OpenJDK Runtime Environment (16.0.2+7) (build 16.0.2+7-67) # Java...

Last updated: Apr 04, 2022 08:02AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Are Burp Suite Professional and Burp Suite Enterprise Vulnerable to Spring4Shell

Hi, Are Burp Suite Professional and Burp Suite Enterprise vulnerable to these spring vulnerabilities: https://tanzu.vmware.com/security/cve-2022-22965 https://tanzu.vmware.com/security/cve-2022-22963 Thanks. D.

Last updated: Apr 01, 2022 08:27AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Xpath injection issue because of the the word "xpath" in the response

The string 'XPath' happens to appear in our HTML response as a part of the Google analytics payload and that section has nothing to do with XML or XPATH. In fact, we are returning the word "XPath" explicitly in the...

Last updated: Mar 31, 2022 12:04PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burpsuite session is killed in the middle of scan

Hi The burpsuite session is killed when in middle of the active scan . I have launched the tool with command line java -jar -Xmx4g /path/to/burp.jar I'm running burp on Debian GNU/Linux 11 (bullseye) java -jar...

Last updated: Mar 31, 2022 08:17AM UTC | 3 Agent replies | 3 Community replies | Bug Reports

Burp Suite enterprise edition - Scanners are getting deleted automatically

Hello Burp Support team, Currently, I'm using Burp Suite enterprise edition - when I schedule scans in the night hours, we are observing that Burp Scanners are getting deleted automatically from Burp Server. We have...

Last updated: Mar 30, 2022 01:33PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Request body disappears in intruder when scrolling over to the right

When sending a request to intruder, if the request body is really long and scrolls outside of the window to the right, the text disappears when scrolling to the right to view it. This only seems to happen to the message body...

Last updated: Mar 29, 2022 12:37PM UTC | 4 Agent replies | 5 Community replies | Bug Reports

PortSwigger Academy - Advanced request smuggling - Spelling Error!

Hi PortSwigger, loving your labs! However; I noticed a spelling error on your page! "we've mitigated this by included a trailing parameter" - when it should be: "we've mitigated this by including a trailing...

Last updated: Mar 29, 2022 07:17AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Apologies, the lab could not be started in a timely manner. Please try again or contact us if the problem persists.

Getting this problem in the lab - https://portswigger.net/web-security/authentication/multi-factor/lab-2fa-simple-bypass

Last updated: Mar 28, 2022 09:12AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

49 50
51
52 53

Page 51 of 142

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image