Burp Suite User Forum

Login to post

Bug in Site map tab while showing only items in scope.

While showing only items in scope, if we activate the flags "Show only requested items" and "Show only parameterized requests" and disable them again, the Site map no longer show only items in scope, but show other requests....

Last updated: Mar 25, 2015 08:24AM UTC | 4 Agent replies | 5 Community replies | Bug Reports

java.sql.SQLException: Invalid column index not detected by active scanner

Hi, while working on an application with the active scanner of Burp 1.6.12 a lot of possible SQL injections like: -------------- SERVICE NOT AVAILABLE. Please refer to your system administration<br>FooException:...

Last updated: Mar 18, 2015 09:52PM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Failed to parse the content of the page for SQL Injection indications in the passive scanner

Suppose the following scenario: I access a particular page, and in the body of the page you have a MySQL syntax error with the SQL query. The base request is always the same, it already has the SQL query in the...

Last updated: Mar 17, 2015 09:24PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

File dialog paths across the application

Burp seems to maintain the same file path through-out the application. If would be useful if the last save/restore file location was stored separately to the load intruder payloads path.

Last updated: Mar 17, 2015 02:19PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

recieving smart card error "card was detected but not the right one..."

I just started to receive a smart card error when attempting to load my smart card certificates to burp. I have been using the p11-capi.dll successfully for some time. The error I receive from the card manager follows. "A...

Last updated: Mar 17, 2015 01:49PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Escaping Help

Hi, Not sure if this should fall under "Bug Reports" or "Feature Requests" so please move if needed. Anyway, when looking at Burp's built in help (by clicking on the "?" mark) it pops up in a small window. I can not...

Last updated: Mar 16, 2015 09:29AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Intruder results: copying a column with Control-Click in Pro version

From the Intruder documentation: "You can reorder the table's contents by clicking on any column header [...] You can copy the contents of a column by Ctrl-clicking the header [Pro version]". Bug #1: A column is reordered...

Last updated: Mar 13, 2015 08:30PM UTC | 3 Agent replies | 1 Community replies | Bug Reports

Visual bug in Intruder when two payload sets are of type "Dates"

Tested on Burp Pro v1.6.11 on OpenJDK 1.7.0_75-b13 (and many different setups) That's an old bug, which happens only in a specific situation. How to reproduce: - send a request to Intruder - in the "Positions" tab,...

Last updated: Mar 13, 2015 08:27PM UTC | 3 Agent replies | 1 Community replies | Bug Reports

Maximising Burp

I'm having a bug with Burp on a multi-monitor setup where it won't maximize and take advantage of the full screen. See the image below for an explanation - Burp will only maximize to the bottom ~90% of the...

Last updated: Mar 05, 2015 02:53PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Duplicate type IDs?

Hey, I'm not sure if this is a bug or standard functionality, but some clarification would help. In recent releases we've seen some type IDs that are the same for different issues. <type>134217728</type> ...

Last updated: Mar 05, 2015 02:50PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

PostData removed when changing cookies in repeater/params tab

When I change data in the params tab ( either deleting/editing/moving) parameters , the postdata in the resulting request is gone ! Postdata is in this form {"productId":"xxxxx#xxx#xxx"}. ( however also tested with...

Last updated: Mar 05, 2015 02:12PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

DOM-based open redirection error

Hi, I am getting 'Open redirection (DOM-based)' error on all my pages . Can you help me to resolve this

Last updated: Feb 27, 2015 01:33PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Passive Scanning of .js CPU intensive and always retrying the same file

Hi there, I'm reporting a behavior that i've noticed since the new static code analysis was introduced. I've noticed that whenever there is a .js or other file that is Big or with complicated code, the passive scanner is...

Last updated: Feb 26, 2015 04:42PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Font size

When adjusting the font size, there is no changes to the HTTP message section.

Last updated: Feb 18, 2015 08:38AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Alert message while testing a website with its hostname

Hi Team, We are getting some issues while executing Burp Suite. When we execute the Burp Suite for a site with its IP, then it is working fine but when we are executing the same with its host name, we are getting Alert...

Last updated: Feb 16, 2015 04:23PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Uppercase when authenticated with NTLM

Hello, I want to report a important bug. If I use NTLM authentication burpsuite always sets uppercase letters for the login and for some case sensitive database it is problem. Thanks for repair. Excellent would be...

Last updated: Feb 06, 2015 02:37PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Row highlights

Let's say you have 20 items. You select row 10, hold down 'shift' and hit the 'up' button three times. Instead of lines 7-10 being highlighted, only lines 7-8 highlighted.

Last updated: Feb 02, 2015 11:40AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Scan queue being reordered

Pause the scanner, save the state and close Burp. Open Burp and restore the state. The number column under Scanner > Scan queue has been reordered starting at 1 instead of the previous numbers.

Last updated: Feb 02, 2015 10:35AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

interface catastrophically broken in recently updated Debian 7

BURP Version: 1.6.09 Debian version: 7.8 (Wheezy) JRE: both OpenJDK and Oracle JRE XOrg Server: both XVFB and QXL Invocation: java -jar ./burpsuite_pro_v1.6.09.jar Mode of failure: Burp Suite windows do not...

Last updated: Feb 02, 2015 08:55AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Missed DOM XSS

We were testing your DOM XSS scanning capability against test web sites (from the makers of Ra.2) and noted to obvious false-negatives that were missed. EXAMPLE...

Last updated: Jan 26, 2015 09:46AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Page 53 of 54

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image